CVE-2020-5955

{"id": "CVE-2020-5955", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2021-11-03T01:15:06.930", "references": [{"url": "https://security.netapp.com/advisory/ntap-20220223-0003/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.insyde.com/products", "tags": ["Product", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.insyde.com/security-pledge/SA-2021002", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges."}, {"lang": "es", "value": "Se ha detectado un problema en Int15MicrocodeSmm en Insyde InsydeH2O versiones anteriores al 14-10-2021 en los chipsets de cliente de Intel. Un llamador puede ser capaz de escalar privilegios"}], "lastModified": "2022-07-12T17:42:04.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49B10F08-8822-419B-BE72-9B0F0FDBA89C", "versionEndExcluding": "05.32.30.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:ice_lake:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B9827649-F3DA-4197-8641-05B12431D434"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8440F3DC-D7AE-4EAE-9112-A01A762F46E0", "versionEndExcluding": "05.41.35.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:tiger_lake:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "986A1A76-AA3C-4397-BFAE-29A3103CD412"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E1C4703-C877-472C-954F-119D8EB7866F", "versionEndExcluding": "05.42.11.0026"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:whitley-sp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84B00972-4647-4DB3-BA0E-F58C9ADD1DB9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "830C9C4E-5CF4-4F84-A92B-2176AE509C88", "versionEndExcluding": "05.04.21.0068"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:grantley-ep:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07CF50C6-6DC2-4058-8F5B-3E33C734B86A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45F8BEBA-0C8B-4699-ADCB-56885B6F0B44", "versionEndExcluding": "05.42.09.0003"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:elkhart_lake:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B58C169-F3F2-4B41-962A-0FB92B207E05"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "610A6535-8169-4CAB-B022-14368CFBB2A0", "versionEndExcluding": "05.21.51.0040"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:purley-ep_refresh_neon_city:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "88C7EDAC-EBE0-48FC-9950-0B32709B9CE7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFD6BD59-D5C8-4213-BE9D-75EB9BBFA805", "versionEndExcluding": "05.34.09.0030"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:comet_lake_rvp:-:*:*:*:embedded:*:*:*", "vulnerable": false, "matchCriteriaId": "8CE71A90-4BEE-4069-A833-AB48F90B8D4C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFD6BD59-D5C8-4213-BE9D-75EB9BBFA805", "versionEndExcluding": "05.34.09.0030"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:comet_lake_rvp:-:*:*:*:server:*:*:*", "vulnerable": false, "matchCriteriaId": "1C719D29-A53A-4306-BBFD-DD9593690FEE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01B35D63-9DBA-4BAE-97E0-853571AC058F", "versionEndExcluding": "05.32.47.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:comet_lake:-:*:*:*:client:*:*:*", "vulnerable": false, "matchCriteriaId": "F39F745E-46B0-4218-9D70-9E5F0B0FE712"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "280A6232-C93A-4412-A064-D452AE893195", "versionEndExcluding": "05.23.45.0023"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:whiskey_lake_rvp:-:*:*:*:embedded:*:*:*", "vulnerable": false, "matchCriteriaId": "C750C54A-FF27-4E5D-948E-EC45CB3E173D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "280A6232-C93A-4412-A064-D452AE893195", "versionEndExcluding": "05.23.45.0023"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:whiskey_lake_rvp:-:*:*:*:server:*:*:*", "vulnerable": false, "matchCriteriaId": "17A03701-8970-4EBE-B558-11D1A7D78BD1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FFD82F7-0C18-4C74-B11A-95C15E4257C9", "versionEndExcluding": "05.21.43.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:whiskey_lake:-:*:*:*:client:*:*:*", "vulnerable": false, "matchCriteriaId": "F8A01C84-AE70-494A-A66D-61BD219A0AA3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62789BFF-C9FF-44DB-945C-99589420A1D2", "versionEndExcluding": "05.23.04.0045"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:mehlow:-:*:*:*:embedded:*:*:*", "vulnerable": false, "matchCriteriaId": "5087D8BD-9C5D-4B90-94B1-0EF734AD81E4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62789BFF-C9FF-44DB-945C-99589420A1D2", "versionEndExcluding": "05.23.04.0045"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:mehlow-r:-:*:*:*:embedded:*:*:*", "vulnerable": false, "matchCriteriaId": "354D0BAE-82FB-4E64-B206-D7420E8856D7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62789BFF-C9FF-44DB-945C-99589420A1D2", "versionEndExcluding": "05.23.04.0045"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:mehlow-r:-:*:*:*:server:*:*:*", "vulnerable": false, "matchCriteriaId": "B8F5C48C-7F5B-4992-8152-49728D6DB995"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62789BFF-C9FF-44DB-945C-99589420A1D2", "versionEndExcluding": "05.23.04.0045"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:mehlow:-:*:*:*:server:*:*:*", "vulnerable": false, "matchCriteriaId": "69B8125F-E78E-4074-BA32-14460F55B5C7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FFD82F7-0C18-4C74-B11A-95C15E4257C9", "versionEndExcluding": "05.21.43.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:coffee_lake:-:*:*:*:client:*:*:*", "vulnerable": false, "matchCriteriaId": "04621E54-7E61-4706-B97D-EDC5669C0C55"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FFD82F7-0C18-4C74-B11A-95C15E4257C9", "versionEndExcluding": "05.21.43.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:cannon_lake:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F825206-FB87-4DC2-B37A-9CCD1FEE4E96"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09456E7A-46AA-43D7-ABF5-651472387BE5", "versionEndExcluding": "05.11.26.0015"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:kaby_lake_mrd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "47F89003-B752-4D2C-A403-92D0BB5BAFA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4E6AFF2-0CA3-4361-9EDE-78C1786452CA", "versionEndExcluding": "05.12.09.0075"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:greenlow:-:*:*:*:embedded:*:*:*", "vulnerable": false, "matchCriteriaId": "9926BF3D-78E2-457D-A428-CC7907B28D8B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4E6AFF2-0CA3-4361-9EDE-78C1786452CA", "versionEndExcluding": "05.12.09.0075"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:greenlow-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "401E968C-3B59-4200-953F-0050DBA90E46"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4E6AFF2-0CA3-4361-9EDE-78C1786452CA", "versionEndExcluding": "05.12.09.0075"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:greenlow:-:*:*:*:server:*:*:*", "vulnerable": false, "matchCriteriaId": "7217CA4C-2C31-40B5-9BDF-74ECC241CC0D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4E6AFF2-0CA3-4361-9EDE-78C1786452CA", "versionEndExcluding": "05.12.09.0075"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:greenlow-r:-:*:*:*:embedded:*:*:*", "vulnerable": false, "matchCriteriaId": "EC92BE81-62A8-4732-B73F-A29CA1B36B12"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69A69D67-E130-4602-BC13-35A73263A6FC", "versionEndExcluding": "05.10.48.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:kaby_lake:-:*:*:*:client:*:*:*", "vulnerable": false, "matchCriteriaId": "48A18996-C8E8-48D4-A176-9C912F46C8DD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "517F7ACF-C762-44F9-ACAC-A2204CEB5C42", "versionEndExcluding": "05.05.39.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:skylake_mrd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "463588A2-53C5-45B6-B07B-9D261F43AEDA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74DC7C5E-921F-4BEA-B0B7-86463C782669", "versionEndExcluding": "05.04.15.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:skylake:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4607961C-25DF-499E-A713-D101FE995F1B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17BF510F-2795-434C-B0A4-B80539D415B2", "versionEndExcluding": "05.23.27.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:coffee_lake:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26FB314D-1062-4CA8-A5E9-6EFB612D8DB3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17BF510F-2795-434C-B0A4-B80539D415B2", "versionEndExcluding": "05.23.27.0001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:whiskey_lake:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66A81E2D-E1A6-4B0F-B7F3-C76927598E1C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}