Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.
References
Link | Resource |
---|---|
https://security.netapp.com/advisory/ntap-20201113-0002/ | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20201113-0004/ | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20201113-0005/ | Third Party Advisory |
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391 | Vendor Advisory |
https://security.netapp.com/advisory/ntap-20201113-0002/ | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20201113-0004/ | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20201113-0005/ | Third Party Advisory |
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 05:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.netapp.com/advisory/ntap-20201113-0002/ - Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20201113-0004/ - Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20201113-0005/ - Third Party Advisory | |
References | () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391 - Vendor Advisory |
Information
Published : 2020-11-12 18:15
Updated : 2024-11-21 05:39
NVD link : CVE-2020-8705
Mitre link : CVE-2020-8705
CVE.ORG link : CVE-2020-8705
JSON object : View
Products Affected
intel
- converged_security_and_manageability_engine
- trusted_execution_technology
- server_platform_services
CWE
CWE-1188
Insecure Default Initialization of Resource