Lucene search

[email protected]CVE-2020-24457

HistorySep 14, 2020 - 7:15 p.m.

CVE-2020-24457

2020-09-1419:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2020-24457

bios firmware

intel

8th generation

9th generation

10th generation

core processors

logic error

escalation of privilege

denial of service

information disclosure

nvd

7.6 High

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.9%

JSON

Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel® Core™ Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.

CPENameOperatorVersion
intel:core_i7-8665ue_firmwareintel core i7-8665ue firmwareeq-
intel:core_i7-8665u_firmwareintel core i7-8665u firmwareeq-
intel:core_i7-8557u_firmwareintel core i7-8557u firmwareeq-
intel:core_i7-8850h_firmwareintel core i7-8850h firmwareeq-
intel:core_i7-8809g_firmwareintel core i7-8809g firmwareeq-
intel:core_i7-8750h_firmwareintel core i7-8750h firmwareeq-
intel:core_i7-8709g_firmwareintel core i7-8709g firmwareeq-
intel:core_i7-8706g_firmwareintel core i7-8706g firmwareeq-
intel:core_i7-8705g_firmwareintel core i7-8705g firmwareeq-
intel:core_i7-8700t_firmwareintel core i7-8700t firmwareeq-

CPE	Name	Operator	Version
intel:core_i7-8665ue_firmware	intel core i7-8665ue firmware	eq	-
intel:core_i7-8665u_firmware	intel core i7-8665u firmware	eq	-
intel:core_i7-8557u_firmware	intel core i7-8557u firmware	eq	-
intel:core_i7-8850h_firmware	intel core i7-8850h firmware	eq	-
intel:core_i7-8809g_firmware	intel core i7-8809g firmware	eq	-
intel:core_i7-8750h_firmware	intel core i7-8750h firmware	eq	-
intel:core_i7-8709g_firmware	intel core i7-8709g firmware	eq	-
intel:core_i7-8706g_firmware	intel core i7-8706g firmware	eq	-
intel:core_i7-8705g_firmware	intel core i7-8705g firmware	eq	-
intel:core_i7-8700t_firmware	intel core i7-8700t firmware	eq	-

Rows per page:

1-10 of 501

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.html

7.6 High

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.9%

JSON

Related for CVE-2020-24457

prion1 intel1 lenovo2