Intel ID: INTEL-SA-00130
Product family: Intel Server Boards, Compute Modules and Systems
Impact of vulnerability: Denial of Service
Severity rating: Important
Original release: 07/10/2018
Last revised: 07/10/2018

Summary:
BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.
• 8.2 High CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected products:

Product Type Product Name MM#
Intel® Server Board BBS2600BPB 948899
BBS2600BPQ 948900
BBS2600BPS 952609
S2600WFO 952644
S2600WFQ 952645
S2600WFT 952641
S2600STB 957180
S2600STQ 957318
BBS2600STB 959820
BBS2600STQ 959727
S2600WT2R 943786
S2600WTTR 943785
S2600WTTS1R 949339
DBS2600CW2R 943803
DBS2600CWTR 943805
DBS2600CW2SR 943804
DBS2600CWTSR 943806
S2600KPR 943789
S2600KPFR 943790
S2600KPTR 948036
S2600TPR 943944
S2600TPFR 943947
S2600TPTR 953032
S2600TPNR 955259
S7200APR 959387
BBS7200APL 950090
BBS7200AP 942367
Intel® Compute Module HNS2600BPB 976668
HNS2600BPQ 976669
HNS2600BPS 976670
HNS2600BPB24 976671
HNS2600BPQ24 976675
HNS2600BPS24 976676
HNS2600BPBLC 961401
HNS2600BPBLC24 977207
HNS2600KPR 943787
HNS2600KPFR 943788
HNS2600TPR 943948
HNS2600TPFR 943949
HNS2600TPNR 955260
HNS2600TP24R 943951
HNS2600TP24SR 945609
HNS2600TP24STR 953190
HNS7200APR 959388
HNS7200APRL 959389
HNS7200AP 942355
HNS7200APL 950091
Intel® Server System R1304WF0YS 952626
R1304WFTYS 952625
R1208WFTYS 952627
R2308WFTZS 952631
R2208WF0ZS 952629
R2208WFTZS 952628
R2208WFQZS 952637
R2312WF0NP 955876
R2312WFTZS 952632
R2312WFQZS 955877
R2224WFQZS 955875
R2224WFTZS 952633
R1304WTTGSR 943891
R1304WT2GSR 943892
R1208WTTGSR 943893
R1208WT2GSR 943894
R2208WT2YSR 943827
R2208WTTYSR 943826
R2208WTTYC1R 943828
R2308WTTYSR 943829
R2312WTTYSR 943830
R2224WTTYSR 943831

Recommendations:
Intel recommends that customers impacted by this Pubic Security Advisory upgrade to the latest firmware release for your specific platform as indicated in the list below. Contact your Intel Support representative for details of the release and schedule.

For systems based on the Intel® Server Board S2600BP family, the platform firmware package is available here, and is "00.01.0013":
· SUP (EFI Shell) Download Intel® Server Board S2600BP Family BIOS and Firmware Update Package for UEFI*
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27637
For systems based on the Intel® Server Board S2600WF family, the platform firmware package is available here, and is "00.01.0013":
· SUP (EFI Shell) Download Intel® Server Board S2600WF Family BIOS and Firmware Update Package for UEFI*
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27642
For systems based on the Intel® Server Board S2600ST family, the platform firmware package is available here, and is "00.01.0013":
· SUP (EFI Shell) https://downloadcenter.intel.com/download/27672
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27643
For systems based on the Intel® Server Board S7200AP family, the platform firmware package is available here, and is "R01.03.0018":
· SUP (EFI Shell) https://downloadcenter.intel.com/download/27644
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27645
For systems based on the Intel® Server Board S2600TP family, the platform firmware package is available here, and is "R01.01.0024":
· SUP (EFI Shell) https://downloadcenter.intel.com/download/27575
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27620
For systems based on the Intel® Server Board S2600KP family, the platform firmware package is available here, and is "R01.01.0024":
· SUP (EFI Shell) https://downloadcenter.intel.com/download/27574
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27619
For systems based on the Intel® Server Board S2600CW family, the platform firmware package is available here, and is "R01.01.0024":
· SUP (EFI Shell) https://downloadcenter.intel.com/download/27577
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27624
For systems based on the Intel® Server Board S2600WT family, the platform firmware package is available here, and is "R01.01.0024":
· SUP (EFI Shell) https://downloadcenter.intel.com/download/27576
· Intel® OFU (OS-level update) https://downloadcenter.intel.com/download/27634

Acknowledgements:
This issue was discovered by Intel during internal validation.

Revision History

Revision Date Description
1.0 07/10/2018 Initial Release

CVE Name: CVE-2018-3651


Source: INTEL-SA-00130