DATABASE RESOURCES PRICING ABOUT US

{"id": "INTEL:INTEL-SA-00358", "vendorId": null, "type": "intel", "bulletinFamily": "info", "title": "2020.2 IPU \u2013 BIOS\u00a0Advisory", "description": "### Summary: \n\nPotential security vulnerabilities in the BIOS firmware for some Intel\u00ae Processors may allow escalation of privilege or denial of service.** **Intel is releasing firmware updates to mitigate this potential vulnerability.\n\n### Vulnerability Details:\n\nCVEID: [CVE-2020-0590](<https://vulners.com/cve/CVE-2020-0590>)\n\nDescription: Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n\nCVSS Base Score: 7.7 High\n\nCVSS Vector: [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H](<https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H>)\n\nCVEID: [CVE-2020-0587](<https://vulners.com/cve/CVE-2020-0587>)\n\nDescription: Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.\n\nCVSS Base Score: 6.7 Medium\n\nCVSS Vector: [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L](<https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L>)\n\nCVEID: [CVE-2020-0591](<https://vulners.com/cve/CVE-2020-0591>)\n\nDescription: Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.\n\nCVSS Base Score: 6.7 Medium\n\nCVSS Vector: [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)\n\nCVEID: [CVE-2020-0593](<https://vulners.com/cve/CVE-2020-0593>)\n\nDescription: Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.\n\nCVSS Base Score: 4.7 Medium\n\nCVSS Vector: [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:L](<https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:L>)\n\nCVEID: [CVE-2020-0588](<https://vulners.com/cve/CVE-2020-0588>)\n\nDescription: Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.\n\nCVSS Base Score: 3.8 Low\n\nCVSS Vector: [CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N](<https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N>)\n\nCVEID: [CVE-2020-0592](<https://vulners.com/cve/CVE-2020-0592>)\n\nDescription: Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.\n\nCVSS Base Score: 3.0 Low\n\nCVSS Vector: [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L](<https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L>)\n\n### Affected Products:\n\n2nd Generation Intel\u00ae Xeon\u00ae Scalable and Intel\u00ae Xeon\u00ae Scalable Processors\n\n * CVE-2020-0590\n * CVE-2020-0591\n * CVE-2020-0592\n * CVE-2020-0593\n * CVE-2020-0587\n * CVE-2020-0588\n\nIntel\u00ae Xeon\u00ae Processor D Family, Intel\u00ae Xeon\u00ae Processor E5 v4 Family and Intel\u00ae Xeon\u00ae Processor E5 v3 Family \n\n * CVE-2020-0591\n * CVE-2020-0592\n\n10th Generation Intel\u00ae Core\u2122 processors, 9th Generation Intel\u00ae Core\u2122 processors, 8th Generation Intel\u00ae Core\u2122 processors, 7th Generation Intel\u00ae Core\u2122 processors, 6th Generation Intel\u00ae Core\u2122 processors and\n\nIntel\u00ae Core\u2122 Processors with Intel\u00ae Hybrid Technology \n\n * CVE-2020-0593\n\nIntel\u00ae Xeon\u00ae Processor E7 v4 Family and Intel\u00ae Xeon\u00ae Processor E7 v2 Family \n\n * CVE-2020-0592\n\nIntel\u00ae Core\u2122 X-series Processors and Intel\u00ae Xeon\u00ae Processor W Family \n\n * CVE-2020-0587\n * CVE-2020-0591\n * CVE-2020-0592\n * CVE-2020-0593\n\nIntel\u00ae Xeon\u00ae Processor D Family, Intel\u00ae Xeon\u00ae W Processor and Intel\u00ae Core\u2122 X-series Processors\n\n * CVE-2020-0591\n * CVE-2020-0592\n * CVE-2020-0593\n\n### Recommendations: \n\n\nIntel recommends that users of the affected products update to the latest BIOS firmware provided by the system manufacturer that addresses these issues.\n\n### Acknowledgements:\n\nThese issues were found internally by Intel employees. Intel would like to thank, Nagaraju N Kodalapura and Hareesh Khattri for CVE-2020-0590, Jorge E Gonzalez Diaz for CVE-2020-0588, Nicholas Armour for CVE-2020-0587, and Brent Holtsclaw for CVE-2020-0591 and CVE-2020-0591.\n\nIntel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.\n", "published": "2020-11-10T00:00:00", "modified": "2020-11-10T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00358.html", "reporter": "Intel Security Center", "references": [], "cvelist": ["CVE-2020-0587", "CVE-2020-0588", "CVE-2020-0590", "CVE-2020-0591", "CVE-2020-0592", "CVE-2020-0593"], "immutableFields": [], "lastseen": "2023-02-08T18:04:14", "viewCount": 6, "enchantments": {"score": {"value": 3.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "cert", "idList": ["VU:290915"]}, {"type": "cve", "idList": ["CVE-2020-0587", "CVE-2020-0588", "CVE-2020-0590", "CVE-2020-0591", "CVE-2020-0592", "CVE-2020-0593"]}, {"type": "f5", "idList": ["F5:K04160444", "F5:K82356391"]}, {"type": "hp", "idList": ["HP:C06962236"]}, {"type": "ics", "idList": ["ICSA-21-131-15", "ICSA-22-132-05"]}, {"type": "lenovo", "idList": ["LENOVO:PS500368-MULTI-VENDOR-BIOS-SECURITY-VULNERABILITIES-NOVEMBER-2020-NOSID"]}]}, "epss": [{"cve": "CVE-2020-0587", "epss": "0.000440000", "percentile": "0.102110000", "modified": "2023-03-19"}, {"cve": "CVE-2020-0588", "epss": "0.000440000", "percentile": "0.102110000", "modified": "2023-03-19"}, {"cve": "CVE-2020-0590", "epss": "0.000440000", "percentile": "0.102110000", "modified": "2023-03-19"}, {"cve": "CVE-2020-0591", "epss": "0.000440000", "percentile": "0.102110000", "modified": "2023-03-19"}, {"cve": "CVE-2020-0592", "epss": "0.000440000", "percentile": "0.102110000", "modified": "2023-03-19"}, {"cve": "CVE-2020-0593", "epss": "0.000440000", "percentile": "0.102110000", "modified": "2023-03-19"}], "vulnersScore": 3.6}, "_state": {"score": 1684014194, "dependencies": 1675879463, "epss": 1679291388}, "_internal": {"score_hash": "3b4bd958af9fd00e5a712a6fc55cce98"}, "severity": "HIGH"}

{"lenovo": [{"lastseen": "2021-08-11T16:37:46", "description": "**Lenovo Security Advisory: **LEN-49266\n\n**Potential Impact: **Information disclosure, privilege escalation, denial of service\n\n**Severity: **High\n\n**Scope of Impact: **Industry-wide\n\n**CVE Identifier: **CVE-2020-0587, CVE-2020-0588, CVE-2020-0590, CVE-2020-0591, CVE-2020-0592, CVE-2020-0593, CVE-2020-1025, CVE-2020-1289, CVE-2020-1292, CVE-2020-2963, CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698, CVE-2020-8352, CVE-2020-8354\n\n**Summary Description:**\n\nWhen possible, Lenovo consolidates multiple BIOS security fixes and enhancements into as few updates as possible. The following list of vulnerabilities were reported by suppliers and researchers or were found during our regular internal testing. Not all products listed in the Product Impact section of this advisory were affected by every CVE summarized here.\n\nAMD reported a potential vulnerability that may impact AMD\u2019s TPM implementation of non-orderly shutdown-failedTries with the USE_DA_USED build flag. CVE-2020-12926 (AMD), CVE-2020-29633 (TCG)\n\nAMD reported a potential vulnerability in some AMD notebook or embedded processors that may allow privilege escalation. CVE-2020-12890\n\nAMI has released AMI Aptio V BIOS security enhancements. No CVEs available\n\nIntel reported potential security vulnerabilities in the BIOS firmware for some Intel\u00ae Processors that may allow escalation of privilege or denial of service. INTEL-SA-00358: CVE-2020-0587, CVE-2020-0588, CVE-2020-0590, CVE-2020-0591, CVE-2020-0592, CVE-2020-0593\n\nIntel reported potential security vulnerabilities in some Intel\u00ae Processors that may allow information disclosure. INTEL-SA-00381: CVE-2020-8696, CVE-2020-8698\n\nIntel reported potential security vulnerabilities in the Intel\u00ae Running Average Power Limit (RAPL) Interface that may allow information disclosure. INTEL-SA-00389: CVE-2020-8694, CVE-2020-8695\n\nA potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution. CVE-2020-8354\n\nIn some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes. CVE-2020-8352\n\nPhoenix has released security enhancements for Phoenix BIOS. No CVEs available\n\n**Mitigation Strategy for Customers (what you should do to protect yourself):**\n\nUpdate system firmware to the version (or newer) indicated for your model in the Product Impact section.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-04T15:47:25", "type": "lenovo", "title": "Multi-vendor BIOS Security Vulnerabilities (November 2020) - Lenovo Support NL", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8695", "CVE-2020-0587", "CVE-2020-0588", "CVE-2020-8696", "CVE-2020-0592", "CVE-2020-8698", "CVE-2020-1292", "CVE-2020-1025", "CVE-2020-0591", "CVE-2020-0593", "CVE-2020-1289", "CVE-2020-8694", "CVE-2020-2963", "CVE-2020-0590"], "modified": "2021-08-09T15:25:35", "id": "LENOVO:PS500368-MULTI-VENDOR-BIOS-SECURITY-VULNERABILITIES-NOVEMBER-2020-NOSID", "href": "https://support.lenovo.com/nl/nl/product_security/ps500368-multi-vendor-bios-security-vulnerabilities-november-2020", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "hp": [{"lastseen": "2023-04-26T17:04:37", "description": "## Potential Security Impact\nEscalation of Privilege, Denial of Service, Information Disclosure \n\n**Source:** HP, HP Product Security Response Team (PSRT) \n\n**Reported by:** HP, Intel \n\n## VULNERABILITY SUMMARY\nIntel\u00ae has informed HP of potential security vulnerabilities identified in Intel\u00ae Processors, BIOS Firmware for some Intel\u00ae Processors, Intel\u00ae Running Average Power Limit (RAPL) Interface, and Intel BIOS platform sample code for some Intel\u00ae Processors which may allow escalation of privilege, denial of service, and/or information disclosure.\n\nHP has identified a potential vulnerability with certain versions of HP BIOS which may allow escalation of Firmware privilege.\n\n## RESOLUTION\nIntel and HP have released Firmware updates to mitigate the potential vulnerabilities. HP has identified the affected platforms and the corresponding SoftPaq updated versions. See the affected platforms listed below.\n\nNewer versions may become available and the minimum versions listed below may become obsolete. If a SoftPaq Link becomes invalid, check the HP Customer Support - Software and Driver Downloads site to obtain the latest update for your product model. \n", "cvss3": {}, "published": "2020-11-09T00:00:00", "type": "hp", "title": "HPSBHF03705 rev. 6 - BIOS November 2020 Security Updates", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2020-0587", "CVE-2020-0588", "CVE-2020-0590", "CVE-2020-0591", "CVE-2020-0592", "CVE-2020-0593", "CVE-2020-0599", "CVE-2020-6929", "CVE-2020-8694", "CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698", "CVE-2020-8738", "CVE-2020-8739", "CVE-2020-8740", "CVE-2020-8764"], "modified": "2021-04-27T00:00:00", "id": "HP:C06962236", "href": "https://support.hp.com/us-en/document/c06962236", "cvss": {"score": "8.8", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/"}}], "cve": [{"lastseen": "2023-06-05T14:22:51", "description": "Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T18:15:00", "type": "cve", "title": "CVE-2020-0588", "cwe": ["CWE-754"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0588"], "modified": "2020-11-19T02:45:00", "cpe": ["cpe:/o:intel:bios:-"], "id": "CVE-2020-0588", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0588", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:22:54", "description": "Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T18:15:00", "type": "cve", "title": "CVE-2020-0587", "cwe": ["CWE-754"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0587"], "modified": "2020-11-19T02:43:00", "cpe": ["cpe:/o:intel:bios:-"], "id": "CVE-2020-0587", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0587", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:22:54", "description": "Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T18:15:00", "type": "cve", "title": "CVE-2020-0593", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0593"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:intel:bios:-"], "id": "CVE-2020-0593", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0593", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:22:51", "description": "Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T18:15:00", "type": "cve", "title": "CVE-2020-0592", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0592"], "modified": "2020-11-19T14:52:00", "cpe": ["cpe:/o:intel:bios:-"], "id": "CVE-2020-0592", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0592", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:22:53", "description": "Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T18:15:00", "type": "cve", "title": "CVE-2020-0590", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0590"], "modified": "2022-10-19T19:17:00", "cpe": ["cpe:/o:intel:xeon_gold_6250_firmware:-", "cpe:/o:intel:xeon_platinum_8280l_firmware:-", "cpe:/o:intel:xeon_platinum_9282_firmware:-", "cpe:/o:intel:xeon_platinum_8168_firmware:-", "cpe:/o:intel:xeon_gold_6258r_firmware:-", "cpe:/a:netapp:clustered_data_ontap:-", "cpe:/o:intel:xeon_gold_6238_firmware:-", "cpe:/o:intel:xeon_platinum_8176_firmware:-", "cpe:/o:intel:xeon_gold_6254_firmware:-", "cpe:/o:intel:xeon_gold_6238t_firmware:-", "cpe:/o:intel:xeon_gold_5122_firmware:-", "cpe:/o:intel:xeon_gold_6242_firmware:-", "cpe:/o:intel:xeon_gold_6138t_firmware:-", "cpe:/o:intel:xeon_bronze_3106_firmware:-", "cpe:/o:intel:xeon_platinum_9222_firmware:-", "cpe:/o:intel:xeon_gold_6142_firmware:-", "cpe:/o:intel:xeon_gold_6150_firmware:-", "cpe:/o:intel:xeon_silver_4214_firmware:-", "cpe:/o:intel:xeon_gold_6144_firmware:-", "cpe:/o:intel:xeon_platinum_9221_firmware:-", "cpe:/o:intel:xeon_gold_6230n_firmware:-", "cpe:/o:intel:xeon_gold_5120t_firmware:-", "cpe:/o:intel:xeon_gold_6130t_firmware:-", "cpe:/o:intel:xeon_silver_4215_firmware:-", "cpe:/o:intel:xeon_platinum_8164_firmware:-", "cpe:/o:intel:xeon_silver_4210_firmware:-", "cpe:/o:intel:xeon_gold_6248r_firmware:-", "cpe:/o:intel:xeon_gold_5220r_firmware:-", "cpe:/o:intel:xeon_gold_5220t_firmware:-", "cpe:/o:intel:xeon_gold_6128_firmware:-", "cpe:/o:intel:xeon_silver_4216_firmware:-", "cpe:/o:intel:xeon_gold_6246_firmware:-", "cpe:/o:intel:xeon_gold_6226r_firmware:-", "cpe:/o:intel:xeon_platinum_8160_firmware:-", "cpe:/o:intel:xeon_gold_6148_firmware:-", "cpe:/o:intel:xeon_gold_5218r_firmware:-", "cpe:/o:intel:xeon_gold_5119t_firmware:-", "cpe:/o:intel:xeon_gold_5222_firmware:-", "cpe:/o:intel:xeon_gold_5218t_firmware:-", "cpe:/o:intel:xeon_gold_6140_firmware:-", "cpe:/o:intel:xeon_bronze_3206r_firmware:-", "cpe:/o:intel:xeon_gold_6126_firmware:-", "cpe:/o:intel:xeon_gold_6136_firmware:-", "cpe:/o:intel:xeon_platinum_8158_firmware:-", "cpe:/o:intel:xeon_gold_5120_firmware:-", "cpe:/o:intel:xeon_gold_6244_firmware:-", "cpe:/o:intel:xeon_gold_6242r_firmware:-", "cpe:/o:intel:xeon_gold_6126t_firmware:-", "cpe:/o:intel:xeon_silver_4112_firmware:-", "cpe:/o:intel:xeon_platinum_8253_firmware:-", "cpe:/o:intel:xeon_gold_6240r_firmware:-", "cpe:/o:intel:xeon_gold_5220_firmware:-", "cpe:/o:intel:xeon_gold_6138p_firmware:-", "cpe:/o:intel:xeon_gold_6142f_firmware:-", "cpe:/o:intel:xeon_silver_4214r_firmware:-", "cpe:/o:intel:xeon_gold_5218_firmware:-", "cpe:/o:intel:xeon_gold_6240y_firmware:-", "cpe:/o:intel:xeon_silver_4114_firmware:-", "cpe:/o:intel:xeon_gold_6154_firmware:-", "cpe:/o:intel:xeon_platinum_8153_firmware:-", "cpe:/o:intel:xeon_platinum_8156_firmware:-", "cpe:/o:intel:xeon_platinum_8260y_firmware:-", "cpe:/o:intel:xeon_silver_4116_firmware:-", "cpe:/o:intel:xeon_gold_6230t_firmware:-", "cpe:/o:intel:xeon_silver_4214y_firmware:-", "cpe:/o:intel:xeon_gold_6256_firmware:-", "cpe:/o:intel:xeon_platinum_8268_firmware:-", "cpe:/o:intel:xeon_gold_6252n_firmware:-", "cpe:/o:intel:xeon_platinum_8280_firmware:-", "cpe:/o:intel:xeon_silver_4114t_firmware:-", "cpe:/o:intel:xeon_gold_6230_firmware:-", "cpe:/o:intel:xeon_gold_6222v_firmware:-", "cpe:/o:intel:xeon_gold_5218n_firmware:-", "cpe:/o:intel:xeon_gold_6152_firmware:-", "cpe:/o:intel:xeon_gold_6138_firmware:-", "cpe:/o:intel:xeon_gold_6248_firmware:-", "cpe:/o:intel:xeon_gold_6132_firmware:-", "cpe:/o:intel:xeon_gold_6126f_firmware:-", "cpe:/o:intel:xeon_gold_6130f_firmware:-", "cpe:/o:intel:xeon_gold_6208u_firmware:-", "cpe:/o:intel:xeon_bronze_3104_firmware:-", "cpe:/o:intel:xeon_silver_4109t_firmware:-", "cpe:/o:intel:xeon_gold_6148f_firmware:-", "cpe:/o:intel:xeon_silver_4210t_firmware:-", "cpe:/o:netapp:fas\\/aff_bios:-", "cpe:/a:netapp:cloud_backup:-", "cpe:/o:intel:xeon_silver_4209t_firmware:-", "cpe:/o:intel:xeon_gold_6134_firmware:-", "cpe:/o:intel:xeon_platinum_8176f_firmware:-", "cpe:/o:intel:xeon_gold_6246r_firmware:-", "cpe:/o:intel:xeon_gold_6252_firmware:-", "cpe:/o:intel:xeon_gold_6209u_firmware:-", "cpe:/o:intel:xeon_gold_6130_firmware:-", "cpe:/o:intel:xeon_platinum_8170_firmware:-", "cpe:/o:intel:xeon_silver_4215r_firmware:-", "cpe:/o:intel:xeon_gold_5215_firmware:-", "cpe:/o:intel:xeon_platinum_8260_firmware:-", "cpe:/o:intel:xeon_gold_5218b_firmware:-", "cpe:/o:intel:xeon_gold_6262v_firmware:-", "cpe:/o:intel:xeon_gold_6226_firmware:-", "cpe:/o:intel:xeon_gold_6238r_firmware:-", "cpe:/o:intel:xeon_gold_5115_firmware:-", "cpe:/o:intel:xeon_silver_4210r_firmware:-", "cpe:/o:intel:xeon_gold_6250l_firmware:-", "cpe:/o:intel:xeon_gold_6238l_firmware:-", "cpe:/o:intel:xeon_silver_4208_firmware:-", "cpe:/o:intel:xeon_gold_6234_firmware:-", "cpe:/o:intel:xeon_platinum_8276_firmware:-", "cpe:/o:intel:xeon_silver_4110_firmware:-", "cpe:/o:intel:xeon_platinum_8270_firmware:-", "cpe:/o:intel:xeon_gold_5215l_firmware:-", "cpe:/o:intel:xeon_silver_4116t_firmware:-", "cpe:/o:intel:xeon_platinum_8160t_firmware:-", "cpe:/o:intel:xeon_gold_5217_firmware:-", "cpe:/o:intel:xeon_gold_6240_firmware:-", "cpe:/o:intel:xeon_platinum_8160f_firmware:-", "cpe:/o:intel:xeon_bronze_3204_firmware:-", "cpe:/o:intel:xeon_platinum_8260l_firmware:-", "cpe:/o:intel:xeon_gold_6230r_firmware:-", "cpe:/o:intel:xeon_gold_6146_firmware:-", "cpe:/o:intel:xeon_gold_6138f_firmware:-", "cpe:/o:intel:xeon_platinum_8256_firmware:-", "cpe:/o:intel:xeon_silver_4108_firmware:-", "cpe:/o:intel:xeon_platinum_9242_firmware:-", "cpe:/o:intel:xeon_gold_5118_firmware:-", "cpe:/o:intel:xeon_gold_6212u_firmware:-", "cpe:/o:intel:xeon_platinum_8276l_firmware:-", "cpe:/o:intel:xeon_gold_6210u_firmware:-", "cpe:/o:intel:xeon_platinum_8180_firmware:-", "cpe:/o:intel:xeon_gold_6240l_firmware:-", "cpe:/o:intel:xeon_gold_5220s_firmware:-"], "id": "CVE-2020-0590", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0590", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8160_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4112_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6130f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6146_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8160t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6258r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4210t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6210u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4210r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5218r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6212u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6126t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8176_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6238r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4108_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6134_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8153_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4109t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5118_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5115_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8164_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6138t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5122_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_9221_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_9222_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4116t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6136_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4215r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8158_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6130t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4114t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6240r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8176f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4116_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5220r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6152_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8156_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6144_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6140_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6230r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6208u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6209u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6248r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6226r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4114_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:fas\\/aff_bios:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4110_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6230n_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4214r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6230t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6142_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6246r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5119t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6234_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8160f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6154_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6138p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5120_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6138_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8170_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6142f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6126_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6150_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6132_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8180_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6126f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6250l_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6250_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6130_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6148_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8168_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6242r_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_5120t_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6128_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6148f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6138f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:xeon_gold_6256_firmware:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:22:52", "description": "Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T18:15:00", "type": "cve", "title": "CVE-2020-0591", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0591"], "modified": "2022-04-26T16:33:00", "cpe": ["cpe:/o:siemens:simatic_cpu_1518-4_firmware:*", "cpe:/o:intel:bios:-", "cpe:/o:siemens:simatic_cpu_1518f-4_firmware:*"], "id": "CVE-2020-0591", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0591", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:siemens:simatic_cpu_1518-4_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:siemens:simatic_cpu_1518f-4_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2023-02-08T16:52:54", "description": "Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. ([CVE-2020-0592](<https://vulners.com/cve/CVE-2020-0592>))\n\nImpact\n\nBIG-IP\n\nAn attacker may exploit the improper input validation in BIOS firmware to potentially enable escalation of privilege and/or denial of service (DoS) via local access. The following platforms are vulnerable:\n\n * BIG-IP i850, i2000, i4000 series\n\nFor more information, refer to [Hardware Knowledge Centers](<https://support.f5.com/csp/knowledge-center/hardware>).\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-01T01:18:00", "type": "f5", "title": "Intel CPU vulnerability CVE-2020-0592", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0592"], "modified": "2021-08-04T21:56:00", "id": "F5:K04160444", "href": "https://support.f5.com/csp/article/K04160444", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-08T16:52:53", "description": "Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. ([CVE-2020-0591](<https://vulners.com/cve/CVE-2020-0591>))\n\nImpact\n\nBIG-IP\n\nAn attacker may exploit the improper input validation in BIOS firmware to potentially create a denial of service by way of local access. The following platforms are vulnerable:\n\n * BIG-IP i850, i2000, i4000 series\n\nFor more information, refer to [Hardware Platforms in Knowledge Center](<https://support.f5.com/csp/knowledge-center/hardware>)\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-01T02:11:00", "type": "f5", "title": "Intel CPU vulnerability CVE-2020-0591", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0591"], "modified": "2021-08-04T21:57:00", "id": "F5:K82356391", "href": "https://support.f5.com/csp/article/K82356391", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-17T16:46:59", "description": "Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.", "cvss3": {}, "published": "2023-05-02T00:00:00", "type": "nessus", "title": "Siemens (CVE-2020-0591)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-0591"], "modified": "2023-05-02T00:00:00", "cpe": ["cpe:/o:siemens:simatic_cpu_1518-4_firmware", "cpe:/o:siemens:simatic_cpu_1518f-4_firmware"], "id": "TENABLE_OT_SIEMENS_CVE-2020-0591.NASL", "href": "https://www.tenable.com/plugins/ot/501088", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(501088);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/02\");\n\n script_cve_id(\"CVE-2020-0591\");\n\n script_name(english:\"Siemens (CVE-2020-0591)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote OT asset is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"Improper buffer restrictions in BIOS firmware for some Intel(R)\nProcessors may allow a privileged user to potentially enable\nescalation of privilege via local access.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.\");\n # https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00358\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f80d097d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.netapp.com/advisory/ntap-20201113-0001/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cert-portal.siemens.com/productcert/pdf/ssa-501073.pdf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Refer to the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-0591\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_cpu_1518-4_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_cpu_1518f-4_firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Tenable.ot\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tenable_ot_api_integration.nasl\");\n script_require_keys(\"Tenable.ot/Siemens\");\n\n exit(0);\n}\n\n\ninclude('tenable_ot_cve_funcs.inc');\n\nget_kb_item_or_exit('Tenable.ot/Siemens');\n\nvar asset = tenable_ot::assets::get(vendor:'Siemens');\n\nvar vuln_cpes = {\n \"cpe:/o:siemens:simatic_cpu_1518-4_firmware\" :\n {\"family\" : \"S71500\"},\n \"cpe:/o:siemens:simatic_cpu_1518f-4_firmware\" :\n {\"family\" : \"S71500\"}\n};\n\ntenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ics": [{"lastseen": "2023-06-02T15:04:27", "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 7.8**\n * **ATTENTION:** Low attack complexity\n * **Vendor: **Siemens\n * **Equipment: **SIMATIC S7-1500 CPU 1518F-4\n * **Vulnerabilities:** Improper Initialization, Improper Restriction of Operations within the Bounds of a Memory Buffer\n\n## 2\\. RISK EVALUATION\n\nSuccessful exploitation of these Intel product vulnerabilities could allow unauthorized privilege escalation.\n\n## 3\\. TECHNICAL DETAILS\n\n### 3.1 AFFECTED PRODUCTS\n\nThe following versions of SIMATIC S7-1500 CPU 1518-4, are affected by vulnerabilities in Intel products:\n\n * SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0, 6AG1518-4AX00-4AC0, incl. SIPLUS variant): All versions\n * SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (MLFB: 6ES7518-4FX00-1AC0): All versions\n\n### 3.2 VULNERABILITY OVERVIEW\n\n#### 3.2.1 [IMPROPER INITIALIZATION CWE-665](<https://cwe.mitre.org/data/definitions/665.html>)\n\nImproper initialization in subsystem for Intel(R) CSME may allow a privileged user to enable escalation of privilege via local access.\n\n[CVE-2020-8744](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8744>) has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is ([AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.2 [IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS CWE-119](<https://cwe.mitre.org/data/definitions/119.html>)\n\nImproper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to enable escalation of privilege via local access.\n\n[CVE-2020-0591](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0591>) has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been assigned; the CVSS vector string is ([AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n### 3.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS: **Multiple\n * **COUNTRIES/AREAS DEPLOYED: **Worldwide\n * **COMPANY HEADQUARTERS LOCATION: **Germany\n\n### 3.4 RESEARCHER\n\nSiemens reported these vulnerabilities to CISA.\n\n## 4\\. MITIGATIONS\n\nSiemens has identified the following specific workarounds and mitigations users can apply to reduce risk:\n\n * As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code if possible.\n * Applying a Defense-in-Depth concept can help to reduce the probability that untrusted code is run on the system. Siemens recommends applying the [Defense-in-Depth concept](<https://www.siemens.com/industrialsecurity>).\n\nFor additional information, please refer to Siemens Security Advisory [SSA-501073 ](<https://cert-portal.siemens.com/productcert/pdf/ssa-501073.pdf>)\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are [not accessible from the Internet](<https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01>).\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nCISA also provides a section for [control systems security recommended practices](<https://us-cert.cisa.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nCISA also recommends users take the following measures to protect themselves from social engineering attacks:\n\n * Do not click web links or open unsolicited attachments in email messages.\n * Refer to [Recognizing and Avoiding Email Scams](<https://us-cert.cisa.gov/sites/default/files/publications/emailscams_0905.pdf>) for more information on avoiding email scams.\n * Refer to [Avoiding Social Engineering and Phishing Attacks](<https://us-cert.cisa.gov/ncas/tips/ST04-014>) for more information on social engineering attacks.\n\nNo known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.\n\n### Vendor\n\nSiemens\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-11T12:00:00", "type": "ics", "title": "Siemens SIMATIC S7-1500", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0591", "CVE-2020-8744"], "modified": "2021-05-11T12:00:00", "id": "ICSA-21-131-15", "href": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-131-15", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T15:17:18", "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 7.8**\n * **ATTENTION:** Low attack complexity\n * **Vendor:** Siemens\n * **Equipment:** Industrial PCs and CNC devices\n * **Vulnerabilities:** Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, Improper Privilege Management\n\n## 2\\. UPDATE INFORMATION\n\nThis updated advisory is a follow-up to the original advisory titled ICSA-22-132-05 Siemens Industrial PCs and CNC devices that was published May 12, 2022, on the ICS webpage on cisa.gov/ICS\n\n## 3\\. RISK EVALUATION\n\nSuccessful exploitation of these vulnerabilities may allow an authenticated user to enable escalation of privilege via local access.\n\n## 4\\. TECHNICAL DETAILS\n\n### 4.1 AFFECTED PRODUCTS\n\nSiemens reports these vulnerabilities affect the following Industrial PCs and CNC devices:\n\n * SIMATIC Drive Controller family: All versions prior to v05.00.01.00\n * SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants): All versions prior to v0209_0105\n * SIMATIC Field PG M5: All BIOS versions prior to v22.01.08\n\n**\\--------- Begin Update A Part 1 of 2 ---------**\n\n * SIMATIC Field PG M6: All versions prior to v26.01.08\n\n**\\--------- End Update A Part 1 of 2 ---------**\n\n * SIMATIC IPC127E: All versions\n * SIMATIC IPC427E (incl. SIPLUS variants): All BIOS versions prior to v21.01.15\n * SIMATIC IPC477E: All BIOS versions prior to v21.01.15\n * SIMATIC IPC477E Pro: All BIOS versions prior to v21.01.15\n * SIMATIC IPC527G: All BIOS versions prior to v1.4.0\n * SIMATIC IPC527G: All BIOS versions prior to v1.4.0\n * SIMATIC IPC547G: All versions prior to R1.30.0\n * SIMATIC IPC627E: All BIOS versions prior to v25.02.08\n * SIMATIC IPC647E: All BIOS versions prior to v25.02.08\n * SIMATIC IPC677E: All BIOS versions prior to v25.02.08\n * SIMATIC IPC847E: All BIOS versions prior to v25.02.08\n * SIMATIC ITP1000: All BIOS versions prior to v23.01.08\n * SINUMERIK 828D HW PU.4: All versions prior to v08.00.00.00\n * SINUMERIK MC MCU 1720: All versions prior to v05.00.00.00\n * SINUMERIK ONE / SINUMERIK 840D sl Handheld Terminal HT 10: All versions\n * SINUMERIK ONE NCU 1740: All versions prior to v04.00.00.00\n * SINUMERIK ONE PPU 1740: All versions prior to v06.00.00.00\n\n### 4.2 VULNERABILITY OVERVIEW\n\n#### 4.2.1 [IMPROPER INPUT VALIDATION CWE-20](<https://cwe.mitre.org/data/definitions/20.html>)\n\nImproper input validation in BIOS firmware for some Intel processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n[CVE-2020-0590](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0590>) has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ([AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C>)).\n\n#### 4.2.2 [IMPROPER AUTHENTICATION CWE-287](<https://cwe.mitre.org/data/definitions/287.html>)\n\nInsufficient access control in the Linux kernel driver for some Intel processors may allow an authenticated user to potentially enable information disclosure via local access.\n\n[CVE-2020-8694](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8694>) has been assigned to this vulnerability. A CVSS v3 base score of 5.6 has been calculated; the CVSS vector string is ([AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C>)).\n\n#### 4.2.3 [IMPROPER ISOLATION OF SHARED RESOURCES ON SYSTEM-ON-A-CHIP CWE-1189](<https://cwe.mitre.org/data/definitions/1189.html>)\n\nImproper isolation of shared resources in some Intel processors may allow an authenticated user to potentially enable information disclosure via local access.\n\n[CVE-2020-8698](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8698>) has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is ([AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C>)).\n\n#### 4.2.4 [IMPROPER PRIVILEGE MANAGEMENT CWE-269](<https://cwe.mitre.org/data/definitions/269.html>)\n\nInsufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.\n\n[CVE-2020-8745](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8745>) has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is ([AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C>)).\n\n### 4.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Multiple Sectors\n * **COUNTRIES/AREAS DEPLOYED: **Worldwide\n * **COMPANY HEADQUARTERS LOCATION:** Germany\n\n### 4.4 RESEARCHER\n\nSiemen reported these vulnerabilities to CISA.\n\n## 5\\. MITIGATIONS\n\nSiemens has released updates for several affected products and is currently working on BIOS updates that include chipset microcode updates for further products.\n\n * SIMATIC Drive Controller family: Update BIOS to v05.00.01.00. The update can be obtained from a Siemens account manager\n * SIMATIC ET 200SP Open Controller CPU 1515SP PC2: [Update BIOS to v0209_0105](<https://support.industry.siemens.com/cs/ww/en/view/109743969/>) or later versions\n * SIMATIC Field PG M5: [Update BIOS to v22.01.08](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n\n**\\--------- Begin Update A Part 2 of 2 ---------**\n\n * SIMATIC Field PG M6: [Update BIOS to v26.01.08](<https://support.industry.siemens.com/cs/ww/en/view/109763408>) or later version\n\n**\\--------- End Update A Part 2 of 2 ---------**\n\n * SIMATIC IPC127E: [Update BIOS to v27.01.05](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC427E (incl. SIPLUS variants): [Update BIOS to v21.01.15](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC477E: [Update BIOS to v21.01.15](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC477E Pro: [Update BIOS to v21.01.15](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC527G: [Update BIOS to v1.4.0](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC547G: [Update BIOS to R1.30.0](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC627E: [Update BIOS to v25.02.08](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC647E: [Update BIOS to v25.02.08](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC677E: [Update BIOS to v25.02.08](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC IPC847E: [Update BIOS to v25.02.08](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SIMATIC ITP1000: [Update BIOS to v23.01.08](<https://support.industry.siemens.com/cs/ww/en/view/109763408>)\n * SINUMERIK 828D HW PU.4: Update BIOS to v08.00.00.00. SINUMERIK software can be obtained from a Siemens account manager\n * SINUMERIK MC MCU 1720: Update BIOS to v05.00.00.00. SINUMERIK software can be obtained from a Siemens account manager\n * SINUMERIK ONE NCU 1740: Update BIOS to v04.00.00.00. SINUMERIK software can be obtained from a Siemens account manager\n * SINUMERIK ONE PPU 1740: Update BIOS to v06.00.00.00. SINUMERIK software can be obtained from a Siemens account manager\n\nSiemens has identified the following specific workarounds and mitigations users can apply to reduce risk:\n\n * Siemens recommends limiting the possibilities to run untrusted code.\n * Siemens recommends [applying the defense-in-depth concept](<https://www.siemens.com/industrialsecurity>) to reduce the probability for untrusted code to run on the system.\n\nAs a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to [Siemens\u2019 operational guidelines for industrial security](<https://www.siemens.com/cert/operational-guidelines-industrial-security>) and following recommendations in the product manuals.\n\nAdditional information on industrial security by Siemens can be found on the [Siemens industrial security webpage](<https://www.siemens.com/industrialsecurity>).\n\nFor more information see Siemens Security Advisory [SSA-678983](<https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf>)\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nCISA also provides a section for [control systems security recommended practices](<https://www.cisa.gov/uscert/ics/recommended-practices>) on the [ICS webpage on cisa.gov](<https://cisa.gov/ics>) Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on cisa.gov](<https://cisa.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.\n\n### Vendor\n\nSiemens\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-15T12:00:00", "type": "ics", "title": "Siemens Industrial PCs and CNC devices (Update A)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0590", "CVE-2020-8694", "CVE-2020-8698", "CVE-2020-8745"], "modified": "2022-12-15T12:00:00", "id": "ICSA-22-132-05", "href": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-05", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cert": [{"lastseen": "2023-06-06T17:12:53", "description": "### Overview\n\nF5 BIG-IP provides a Traffic Management User Interface (TMUI), also referred to as the Configuration utility, that has multiple vulnerabilities including a remotely exploitable [command injection](<https://cwe.mitre.org/data/definitions/74.html>) vulnerability that can be used to execute arbitrary commands and subsequently take control of a vulnerable system.\n\n### Description\n\nF5 BIG-IP devices provide load-balancing capability to application services such as HTTP and DNS. The F5 BIG-IP TMUI management web interface improperly neutralizes untrusted user input and can be abused by unauthenticated remote attackers to perform malicious activities such as cross-site scripting (XSS), cross-site request forgery (CSRF), and command injection [CWE-74](<https://cwe.mitre.org/data/definitions/74.html>). F5 has also announced that BIG-IP devices do not properly enforce access controls to sensitive configuration files that be read and overwritten by an authenticated user via Secure Copy (SCP). The vulnerability identified by CVE-2020-0592 can be abused to achieve arbitrary code execution on the target device with root privileges.\n\nUnderlying causes and factors in these vulnerabilities include:\n\n * Improper configuration and a lack of identify checks, see recent article from NCC Group. [Understanding the root cause of F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902](<https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/>)\n * The TMUI fails to enforce proper authentication and authorization, see [OWASP Recommendations](<https://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html>)\n * The TMUI web interface does not normalize user's input to prevent both XSS and CSRF, allowing a [\"Deadly Combinations of XSS and CSRF\"](<https://owasp.org/www-pdf-archive/OTD2011-SK.pdf>)\n * Lack of role-based access checks allows for for unexpected file access, see [Role-Based Access Control Models](<https://csrc.nist.gov/CSRC/media/Projects/Role-Based-Access-Control/documents/sandhu96.pdf>)\n\nF5 recommends that the TMUI web interface should be accessible only from a secure or an out-of-band network and not directly from the Internet ([K13092](<https://support.f5.com/csp/article/K13092>)). However, many installations, as observed by [Bad Packets](<https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/>), do not seem to follow this recommendation.\n\n### Impact\n\nAn unauthenticated attacker with network access to the TMUI may be able to execute arbitrary system commands, create or delete files, disable services, and subsequently execute arbitrary code with high privileges such as root. An authenticated user is also be able to perform unexpected activities such as changing configuration files on a vulnerable device.\n\n### Solution\n\n#### Apply updates\n\nF5 has provided updated software for the several impacted versions of BIG-IP devices. Note that BIG-IP appliances as well as virtual instances are also vulnerable as identified by F5 advisories. It is highly recommended that you upgrade to the latest secure and stable software provided by F5. These updates are essential to your device's security, even if the TMUI is not accessible over the Internet. The upgrade reduces the risk to your device being compromised using CSRF or XSS attacks.\n\n#### Workarounds\n\nIn many cases, an attack against BIG-IP's recent vulnerabilities require access to TMUI. Blocking or disabling access to TMUI from untrusted networks is highly recommended. F5 has also provided multiple temporary workaround options in their advisory.\n\n### Acknowledgements\n\nSeveral of these vulnerabilities were reported by Mikhail Klyuchnikov of Positive Technologies, who worked with F5 on a coordinated disclosure.\n\nThis document was written by Vijay Sarvepalli.\n\n### Vendor Information\n\n290915\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n### F5 Networks Inc. __ Affected\n\nUpdated: 2020-07-08 **CVE-2020-5902**| Affected \n---|--- \n**CVE-2020-5903**| Affected \n**CVE-2020-5904**| Affected \n**CVE-2020-5905**| Affected \n**CVE-2020-5906**| Affected \n**CVE-2020-5907**| Affected \n**CVE-2020-5908**| Affected \n \n#### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n#### References\n\n * <https://support.f5.com/csp/article/K52145254>\n * <https://support.f5.com/csp/article/K43638305>\n * <https://support.f5.com/csp/article/K31301245>\n * <https://support.f5.com/csp/article/K07051153>\n * <https://support.f5.com/csp/article/K82518062>\n * <https://support.f5.com/csp/article/K00091341>\n * <https://support.f5.com/csp/article/K33023560>\n\n#### CERT Addendum\n\nPlease see recent advisories provided by F5 to address these vulnerabilities.\n\n \n\n\n### References\n\n * <https://support.f5.com/csp/article/K52145254>\n * <https://support.f5.com/csp/article/K43638305>\n * <https://support.f5.com/csp/article/K31301245>\n * <https://support.f5.com/csp/article/K07051153>\n * <https://support.f5.com/csp/article/K82518062>\n * <https://support.f5.com/csp/article/K00091341>\n * <https://support.f5.com/csp/article/K33023560>\n * <https://github.com/yassineaboukir/CVE-2020-5902>\n * <https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/>\n\n### Other Information\n\n**CVE IDs:** | [CVE-2020-5902 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2020-5902>) [CVE-2020-5903 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2020-5903>) [CVE-2020-5904 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2020-5904>) [CVE-2020-5905 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2020-5905>) [CVE-2020-5906 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2020-5906>) [CVE-2020-5907 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2020-5907>) [CVE-2020-5908 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2020-5908>) \n---|--- \n**Date Public:** | 2020-06-30 \n**Date First Published:** | 2020-07-08 \n**Date Last Updated: ** | 2020-07-13 14:00 UTC \n**Document Revision: ** | 2 \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-08T00:00:00", "type": "cert", "title": "F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0592", "CVE-2020-5902", "CVE-2020-5903", "CVE-2020-5904", "CVE-2020-5905", "CVE-2020-5906", "CVE-2020-5907", "CVE-2020-5908"], "modified": "2020-07-13T14:00:00", "id": "VU:290915", "href": "https://www.kb.cert.org/vuls/id/290915", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}