Lucene search
HistoryAug 13, 2020 - 3:15 a.m.
CVE-2020-8729
cve-2020-8729
buffer copy
input size checking
privilege escalation
intel
server boards
server systems
compute modules
nvd
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
Buffer copy without checking size of input for some Intelยฎ Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelserver_board_s2600wt_firmwareRange<1.59
intelserver_board_s2600wt2Match-
ORintelserver_board_s2600wt2rMatch-
ORintelserver_board_s2600wttMatch-
ORintelserver_board_s2600wttrMatch-
Node
intelserver_system_r1000wt_firmwareRange<1.59
intelserver_system_r1208wt2gsMatch-
ORintelserver_system_r1208wt2gsrMatch-
ORintelserver_system_r1208wttgsMatch-
ORintelserver_system_r1208wttgsbppMatch-
ORintelserver_system_r1208wttgsrMatch-
ORintelserver_system_r1304wt2gsMatch-
ORintelserver_system_r1304wt2gsrMatch-
ORintelserver_system_r1304wttgsMatch-
ORintelserver_system_r1304wttgsrMatch-
Node
intelserver_system_r2000wt_firmwareRange<1.59
intelserver_system_r2208wt2ysMatch-
ORintelserver_system_r2208wt2ysrMatch-
ORintelserver_system_r2208wttyc1Match-
ORintelserver_system_r2208wttyc1rMatch-
ORintelserver_system_r2208wttysMatch-
ORintelserver_system_r2208wttysrMatch-
ORintelserver_system_r2224wttysMatch-
ORintelserver_system_r2224wttysrMatch-
ORintelserver_system_r2308wttysMatch-
ORintelserver_system_r2308wttysrMatch-
ORintelserver_system_r2312wttysMatch-
ORintelserver_system_r2312wttysrMatch-
Node
intelserver_board_s2600cwRange<1.59
intelserver_board_s2600cw2Match-
ORintelserver_board_s2600cw2rMatch-
ORintelserver_board_s2600cw2sMatch-
ORintelserver_board_s2600cw2srMatch-
ORintelserver_board_s2600cwtMatch-
ORintelserver_board_s2600cwtrMatch-
ORintelserver_board_s2600cwtsMatch-
ORintelserver_board_s2600cwtsrMatch-
Node
intelcompute_module_hns2600kp_firmwareRange<1.59
intelcompute_module_hns2600kpMatch-
ORintelcompute_module_hns2600kpfMatch-
ORintelcompute_module_hns2600kpfrMatch-
ORintelcompute_module_hns2600kprMatch-
Node
intelserver_board_s2600kp_firmwareRange<1.59
intelserver_board_s2600kpMatch-
ORintelserver_board_s2600kpfMatch-
ORintelserver_board_s2600kpfrMatch-
ORintelserver_board_s2600kprMatch-
ORintelserver_board_s2600kptrMatch-
Node
intelcompute_module_hns2600tp_firmwareRange<1.59
intelcompute_module_hns2600tpMatch-
ORintelcompute_module_hns2600tp24rMatch-
ORintelcompute_module_hns2600tp24srMatch-
ORintelcompute_module_hns2600tpfMatch-
ORintelcompute_module_hns2600tpfrMatch-
ORintelcompute_module_hns2600tprMatch-
Node
intelcompute_module_s2600tp_firmwareRange<1.59
intelserver_board_s2600tpMatch-
ORintelserver_board_s2600tpfMatch-
ORintelserver_board_s2600tpfrMatch-
ORintelserver_board_s2600tprMatch-
Node
intelserver_board_s1200sp_firmwareRange<1.59
intelserver_board_s1200splMatch-
ORintelserver_board_s1200splrMatch-
ORintelserver_board_s1200spoMatch-
ORintelserver_board_s1200sporMatch-
ORintelserver_board_s1200spsMatch-
ORintelserver_board_s1200spsrMatch-
Node
intelserver_system_lr1304sp_firmwareRange<1.59
intelserver_system_lr1304spcfg1Match-
ORintelserver_system_lr1304spcfg1rMatch-
ORintelserver_system_lr1304spcfsgx1Match-
Node
intelserver_system_lsvrp_firmwareRange<1.59
intelserver_system_lsvrp4304es6xx1Match-
ORintelserver_system_lsvrp4304es6xxrMatch-
Node
intelserver_system_r1000sp_firmwareRange<1.59
intelserver_system_r1208sposhorMatch-
ORintelserver_system_r1208sposhorrMatch-
ORintelserver_system_r1304sposhbnMatch-
ORintelserver_system_r1304sposhbnrMatch-
ORintelserver_system_r1304sposhorMatch-
ORintelserver_system_r1304sposhorrMatch-
Node
intelserver_board_s2600wf_firmwareRange<1.59
intelserver_board_s2600wf0Match-
ORintelserver_board_s2600wf0rMatch-
ORintelserver_board_s2600wfqMatch-
ORintelserver_board_s2600wfqrMatch-
ORintelserver_board_s2600wftMatch-
ORintelserver_board_s2600wftrMatch-
Node
intelserver_system_r1000wf_firmwareRange<1.59
intelserver_system_lnetcnt3yMatch-
ORintelserver_system_mcb2208wfaf4Match-
ORintelserver_system_mcb2208wfaf5Match-
ORintelserver_system_mcb2208wfaf6Match-
ORintelserver_system_mcb2208wfhy2Match-
ORintelserver_system_nb2208wfqnfviMatch-
ORintelserver_system_r1208wfqysrMatch-
ORintelserver_system_r1208wftysMatch-
ORintelserver_system_r1208wftysrMatch-
ORintelserver_system_r1304wf0ysMatch-
ORintelserver_system_r1304wf0ysrMatch-
ORintelserver_system_r1304wftysMatch-
ORintelserver_system_r1304wftysrMatch-
Node
intelserver_system_r2000wf_firmwareRange<1.59
intelserver_system_r2208wf0zsMatch-
ORintelserver_system_r2208wf0zsrMatch-
ORintelserver_system_r2208wfqzsMatch-
ORintelserver_system_r2208wfqzsrMatch-
ORintelserver_system_r2208wftzsMatch-
ORintelserver_system_r2208wftzsrMatch-
ORintelserver_system_r2224wfqzsMatch-
ORintelserver_system_r2224wftzsMatch-
ORintelserver_system_r2224wftzsrMatch-
ORintelserver_system_r2308wftzsMatch-
ORintelserver_system_r2308wftzsrMatch-
ORintelserver_system_r2312wf0npMatch-
ORintelserver_system_r2312wf0nprMatch-
ORintelserver_system_r2312wfqzsMatch-
ORintelserver_system_r2312wftzsMatch-
ORintelserver_system_r2312wftzsrMatch-
ORintelserver_system_vrn2208waf6Match-
ORintelserver_system_vrn2208wfaf81Match-
ORintelserver_system_vrn2208wfaf82Match-
ORintelserver_system_vrn2208wfaf83Match-
ORintelserver_system_vrn2208wfhy6Match-
Node
intelserver_board_s2600st_firmwareRange<1.59
intelserver_board_s2600stbMatch-
ORintelserver_board_s2600stbrMatch-
ORintelserver_board_s2600stqMatch-
ORintelserver_board_s2600stqrMatch-
Node
intelcompute_module_hns2600bp_firmwareRange<1.59
intelcompute_module_hns2600bpbMatch-
ORintelcompute_module_hns2600bpb24Match-
ORintelcompute_module_hns2600bpb24rMatch-
ORintelcompute_module_hns2600bpblcMatch-
ORintelcompute_module_hns2600bpblc24Match-
ORintelcompute_module_hns2600bpblc24rMatch-
ORintelcompute_module_hns2600bpblcrMatch-
ORintelcompute_module_hns2600bpbrMatch-
ORintelcompute_module_hns2600bpqMatch-
ORintelcompute_module_hns2600bpq24Match-
ORintelcompute_module_hns2600bpq24rMatch-
ORintelcompute_module_hns2600bpqrMatch-
ORintelcompute_module_hns2600bpsMatch-
ORintelcompute_module_hns2600bps24Match-
ORintelcompute_module_hns2600bps24rMatch-
ORintelcompute_module_hns2600bpsrMatch-
Node
intelserver_board_s2600bp_firmwareRange<1.59
intelserver_board_s2600bpbMatch-
ORintelserver_board_s2600bpbrMatch-
ORintelserver_board_s2600bpqMatch-
ORintelserver_board_s2600bpqrMatch-
ORintelserver_board_s2600bpsMatch-
ORintelserver_board_s2600bpsrMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| intel:server_board_s2600wt_firmware | intel server board s2600wt firmware | lt | 1.59 |
CNA Affected
[
{
"product": "Intel(R) Server Boards, Server Systems and Compute Modules Advisory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Before version 1.59"
}
]
}
]Related
prion
prion
Buffer overflow
2020-08-13 03:15:00
nvd
nvd
CVE-2020-8729
2020-08-13 03:15:16
cvelist
cvelist
CVE-2020-8729
2020-08-13 02:56:11
intel
intel
Intelยฎ Server Boards, Server Systems and Compute Modulesย Advisory
2020-08-11 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2020-8729