Main Vulnerability Database Vulnerabilities #VU17188

Privilege escalation in OpenBMC - CVE-2019-6260

Published: January 24, 2019

Vulnerability identifier: #VU17188

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2019-6260

CWE-ID: CWE-264

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vendor: openbmc

Affected software:
OpenBMC

Detailed vulnerability description

The vulnerability allows an adjacent unauthenticated attacker to gain elevated privileges on the system.

The vulnerability exists in ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware due to an error in implementation of Advanced High-performance Bus (AHB) bridges on the LPC and PCIe buses. An adjacent attacker can gain read and write access to the BMC’s physical address space from the host and control of the BMC.

Note: the vulnerability has been nicknamed "pantsdown".

How to mitigate CVE-2019-6260

The vulnerability has been addressed in the version 2.6.

Sources

https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260:-gaining-control-of-bmc-from-the-host-processor/

Privilege escalation in OpenBMC - CVE-2019-6260

Detailed vulnerability description

How to mitigate CVE-2019-6260

Sources

Please verify you're human