Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.