CVE-2020-8703 | Severity.io

Description

Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

Related CPE's

a

intel

converged_security_and_manageability_engine

9

h

intel

core_i3-8100

2

h

intel

core_i3-8100b

2

h

intel

core_i3-8100h

2

h

intel

core_i3-8100t

2

h

intel

core_i3-8109u

2

h

intel

core_i3-8121u

2

h

intel

core_i3-8130u

2

h

intel

core_i3-8140u

2

h

intel

core_i3-8145u

2

h

intel

core_i3-8145ue

2

h

intel

core_i3-8300

2

h

intel

core_i3-8300t

2

h

intel

core_i3-8350k

2

h

intel

core_i5-8200y

2

h

intel

core_i5-8210y

2

h

intel

core_i5-8250u

2

h

intel

core_i5-8257u

2

h

intel

core_i5-8259u

2

h

intel

core_i5-8260u

2

h

intel

core_i5-8265u

2

h

intel

core_i5-8269u

2

h

intel

core_i5-8279u

2

h

intel

core_i5-8300h

2

h

intel

core_i5-8305g

2

h

intel

core_i5-8310y

2

h

intel

core_i5-8350u

2

h

intel

core_i5-8365u

2

h

intel

core_i5-8365ue

2

h

intel

core_i5-8400

2

h

intel

core_i5-8400b

2

h

intel

core_i5-8400h

2

h

intel

core_i5-8400t

2

h

intel

core_i5-8500

2

h

intel

core_i5-8500b

2

h

intel

core_i5-8500t

2

h

intel

core_i5-8600

2

h

intel

core_i5-8600k

2

h

intel

core_i5-8600t

2

h

intel

core_i7-8086k

2

h

intel

core_i7-8500y

2

h

intel

core_i7-8550u

2

h

intel

core_i7-8557u

2

h

intel

core_i7-8559u

2

h

intel

core_i7-8565u

2

h

intel

core_i7-8569u

2

h

intel

core_i7-8650u

2

h

intel

core_i7-8665u

2

h

intel

core_i7-8665ue

2

h

intel

core_i7-8700

2

h

intel

core_i7-8700b

2

h

intel

core_i7-8700k

2

h

intel

core_i7-8700t

2

h

intel

core_i7-8705g

2

h

intel

core_i7-8706g

2

h

intel

core_i7-8709g

2

h

intel

core_i7-8750h

2

h

intel

core_i7-8809g

2

h

intel

core_i7-8850h

2

h

intel

core_i9-8950hk

2

h

intel

pentium_gold_4410y

3

h

intel

pentium_gold_4415u

3

h

intel

pentium_gold_4415y

3

h

intel

pentium_gold_4417u

3

h

intel

pentium_gold_4425y

3

h

intel

pentium_gold_5405u

3

h

intel

pentium_gold_6405u

3

h

intel

pentium_gold_6500y

3

h

intel

pentium_gold_7505

3

h

intel

pentium_gold_g5400

3

h

intel

pentium_gold_g5400t

3

h

intel

pentium_gold_g5420

3

h

intel

pentium_gold_g5420t

3

h

intel

pentium_gold_g5500

3

h

intel

pentium_gold_g5500t

3

h

intel

pentium_gold_g5600

3

h

intel

pentium_gold_g5600t

3

h

intel

pentium_gold_g5620

3

h

intel

pentium_gold_g6400

3

h

intel

pentium_gold_g6400e

3

h

intel

pentium_gold_g6400t

3

h

intel

pentium_gold_g6400te

3

h

intel

pentium_gold_g6405

3

h

intel

pentium_gold_g6405t

3

h

intel

pentium_gold_g6500

3

h

intel

pentium_gold_g6500t

3

h

intel

pentium_gold_g6505

3

h

intel

pentium_gold_g6505t

3

h

intel

pentium_gold_g6600

3

h

intel

pentium_gold_g6605

3

h

intel

core_i3-1000g1

2

h

intel

core_i3-1000g4

2

h

intel

core_i3-1000ng4

2

h

intel

core_i3-1005g1

2

h

intel

core_i3-10100

2

h

intel

core_i3-10100e

2

h

intel

core_i3-10100f

2

h

intel

core_i3-10100t

2

h

intel

core_i3-10100te

2

h

intel

core_i3-10100y

2

h

intel

core_i3-10105

2

h

intel

core_i3-10105f

2

h

intel

core_i3-10105t

2

h

intel

core_i3-10110u

2

h

intel

core_i3-10110y

2

h

intel

core_i3-10300

2

h

intel

core_i3-10300t

2

h

intel

core_i3-10305

2

h

intel

core_i3-10305t

2

h

intel

core_i3-10320

2

h

intel

core_i3-10325

2

h

intel

core_i5-10200h

2

h

intel

core_i5-10210u

2

h

intel

core_i5-10210y

2

h

intel

core_i5-10300h

2

h

intel

core_i5-1030g4

2

h

intel

core_i5-1030g7

2

h

intel

core_i5-1030ng7

2

h

intel

core_i5-10310u

2

h

intel

core_i5-10310y

2

h

intel

core_i5-1035g1

2

h

intel

core_i5-1035g4

2

h

intel

core_i5-1035g7

2

h

intel

core_i5-1038ng7

2

h

intel

core_i5-10400

2

h

intel

core_i5-10400f

2

h

intel

core_i5-10400h

2

h

intel

core_i5-10400t

2

h

intel

core_i5-10500

2

h

intel

core_i5-10500e

2

h

intel

core_i5-10500h

2

h

intel

core_i5-10500t

2

h

intel

core_i5-10500te

2

h

intel

core_i5-10505

2

h

intel

core_i5-10600

2

h

intel

core_i5-10600k

2

h

intel

core_i5-10600kf

2

h

intel

core_i5-10600t

2

h

intel

core_i7-10510u

2

h

intel

core_i7-10510y

2

h

intel

core_i7-1060g7

2

h

intel

core_i7-1060ng7

2

h

intel

core_i7-10610u

2

h

intel

core_i7-1065g7

2

h

intel

core_i7-1068ng7

2

h

intel

core_i7-10700

2

h

intel

core_i7-10700e

2

h

intel

core_i7-10700f

2

h

intel

core_i7-10700k

2

h

intel

core_i7-10700kf

2

h

intel

core_i7-10700t

2

h

intel

core_i7-10700te

2

h

intel

core_i7-10710u

2

h

intel

core_i7-10750h

2

h

intel

core_i7-10810u

2

h

intel

core_i7-10850h

2

h

intel

core_i7-10870h

2

h

intel

core_i7-10875h

2

h

intel

core_i9-10850k

2

h

intel

core_i9-10885h

2

h

intel

core_i9-10900

2

h

intel

core_i9-10900e

2

h

intel

core_i9-10900f

2

h

intel

core_i9-10900k

2

h

intel

core_i9-10900kf

2

h

intel

core_i9-10900t

2

h

intel

core_i9-10900te

2

h

intel

core_i9-10910

2

h

intel

core_i9-10980hk

2

h

intel

x299

2

h

intel

z270

2

core_i3-1115g4e

core_i3-1115gre

core_i5-1145g7e

core_i5-1145gre

core_i5-11600kf

core_i7-11700kf

core_i7-1185g7e

core_i7-1185gre

core_i9-11900kb

core_i9-11900kf

core_i9-11980hk

Vulnerable

simatic_field_pg_m6_firmware

Vulnerable

simatic_field_pg_m6

simatic_field_pg_m5_firmware

Vulnerable

simatic_field_pg_m5

simatic_ipc427e_firmware

Vulnerable

simatic_ipc427e

simatic_ipc477e_firmware

Vulnerable

simatic_ipc477e

simatic_ipc477e_pro_firmware

Vulnerable

simatic_ipc477e_pro

simatic_ipc527g_firmware

Vulnerable

simatic_ipc527g

simatic_ipc547g_firmware

Vulnerable

simatic_ipc547g

simatic_ipc627e_firmware

Vulnerable

simatic_ipc627e

simatic_ipc647e_firmware

Vulnerable

simatic_ipc647e

simatic_ipc677e_firmware

Vulnerable

simatic_ipc677e

simatic_ipc847e_firmware

Vulnerable

simatic_ipc847e

simatic_itp1000_firmware

Vulnerable

simatic_itp1000

References

https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf

Third Party Advisory

https://security.netapp.com/advisory/ntap-20210611-0004/

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html

Vendor Advisory

Weaknesses

[email protected]

Primary

CWE-119

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 · Medium

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-06-09T19:15:09.233

4 years ago

Last modified

2022-04-22T16:20:34.717

3 years ago