Intel System Management Mode Local Privilege Escalation (INTEL-SA-00017)

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.


Synopsis :

The remote host is vulnerable to a local privilege escalation attack.

Description :

The version of the Intel BIOS on the remote host is known to be
vulnerable to an as-yet unspecified privilege escalation attack. It
would allow a local user with administrative privileges to upgrade
administrative privileges to System Management Mode.

See also :

http://www.nessus.org/u?6371ebe4

Solution :

Upgrade the system BIOS on the remote host.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.1
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 34099 (intel_bios_priv_escal.nasl)

Bugtraq ID: 30823

CVE ID: CVE-2008-7096