16 matches found
CVE-2020-8696
CVE-2020-8696 is an information-disclosure issue in Intel processors resolved by microcode updates. The vulnerability arises from improper removal of sensitive data before storage/transfer, enabling a local attacker with authenticated access to potentially disclose information. Connected advisori...
CVE-2020-8698
CVE-2020-8698 is an information-disclosure vulnerability in Intel microcode affecting shared-resource isolation. An authenticated local attacker could disclose data via RAPL/isolation weaknesses. Public detail confirms affected Intel processors and that mitigations are microcode updates released ...
CVE-2020-24511
CVE-2020-24511 is an information-disclosure vulnerability due to improper isolation of shared resources in some Intel processors, exploitable by a local, authenticated attacker. Connected advisories confirm affected microcode updates and remediation paths. Arch Linux advisory ASA-202106-34 recomm...
CVE-2020-24512
CVE-2020-24512 is an Intel processor microcode issue described as an observable timing discrepancy that may permit information disclosure via local access. Connected advisories/versions show the vulnerability addressed by updated Intel microcode released around 2021-06-08 (e.g., microcode-2021060...
CVE-2021-0060
CVE-2021-0060 affects Intel Chipset Firmware’s Server Platform Services (SPS) HECI, where insufficient compartmentalization could let an authenticated user escalate privileges with physical access. Affected products include Intel SPS firmwares, before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04....
CVE-2020-12358
CVE-2020-12358 involves a firmware out-of-bounds write in Intel processors that can allow a privileged local attacker to cause a denial of service. The vulnerability affects Intel processor firmware via local access and is documented in Intel’s advisory Intel-SA-00463, which also lists related CV...
CVE-2020-12357
CVE-2020-12357 describes an improper initialization in the firmware for some Intel processors that could allow a privileged user to escalate privileges via local access. The vulnerability is documented in Intel’s IPU BIOS advisory (INTEL-SA-00463) and is linked to the same family of processor fir...
CVE-2020-24486
CVE-2020-24486 is an Intel firmware vulnerability caused by improper input validation in the firmware of some Intel processors. An authenticated local attacker could potentially cause a denial of service. The issue is described in Intel’s advisory as part of a family of firmware vulnerabilities; ...
CVE-2020-8670
CVE-2020-8670 is a race-condition flaw in Intel processor firmware that could allow a local privileged attack. No public exploits are known in the provided documents. Affected data indicates local access is required, with INTEL-SA advisories (INTEL-SA-00463) and related mitigations referenced by ...
CVE-2020-8738
CVE-2020-8738 is tied to Intel BIOS platform sample code with an improper conditions check that may allow a locally authenticated user to escalate privileges on certain Intel processors. The CVE is detailed in Intel advisory Intel-SA-00390, which also covers related CVEs (8739, 8740, 8764) and ma...
CVE-2020-8700
Affected software/hardware: Intel processors firmware. Root cause: Improper input validation in the firmware. Impact: Privilege escalation via local access by a privileged user; confidentiality, integrity, and availability may be affected (CVSS v3.1 base 6.7). Exploitation info: Not detailed in t...
CVE-2020-8764
CVE-2020-8764 corresponds to an Intel BIOS platform sample code vulnerability causing improper access control that may allow a locally authenticated user to escalate privileges in certain Intel processors. The issue is tied to Intel BIOS platform sample code and BIOS firmware for multiple process...
CVE-2020-12360
CVE-2020-12360 describes an out-of-bounds read in the firmware of some Intel processors that could allow a local, authenticated attacker to escalate privileges. Affected items include various Intel-enabled systems where firmware/UEFI code handles memory bounds improperly. Mitigations are vendor-s...
CVE-2020-12359
CVE-2020-12359 concerns Intel processor firmware with insufficient control flow management. The vulnerability could allow an unauthenticated user to escalate privileges via physical access. Connected sources tie this to Intel processor firmware issues and list remediation paths in affected IBM Cl...
CVE-2020-8740
CVE-2020-8740 is an out-of-bounds write in Intel BIOS platform sample code for certain Intel processors that may allow a locally authenticated attacker to escalate privileges. The Intel advisory (INTEL-SA-00390) documents this alongside related CVEs and indicates updates to BIOS platform sample c...
CVE-2020-8739
CVE-2020-8739 covers use of a potentially dangerous function in Intel BIOS platform sample code for some Intel processors that may allow an authenticated user to escalate privileges via local access. Public details enumerate affected families (e.g., 2nd Gen Xeon Scalable, Core X-series, Xeon W, X...