CVE-2020-24509

Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e3_05.01.04.300.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.03.263.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.04.023.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:14

Type Values Removed Values Added
References () https://security.netapp.com/advisory/ntap-20210611-0003/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20210611-0003/ - Third Party Advisory
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html - Vendor Advisory

22 Jun 2021, 21:08

Type Values Removed Values Added
References (CONFIRM) https://security.netapp.com/advisory/ntap-20210611-0003/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20210611-0003/ - Third Party Advisory
References (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html - (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 6.7
CWE NVD-CWE-Other
CPE cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.04.023.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.03.263.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e3_05.01.04.300.0:*:*:*:*:*:*:*

11 Jun 2021, 11:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20210611-0003/ -

09 Jun 2021, 19:22

Type Values Removed Values Added
New CVE

Information

Published : 2021-06-09 19:15

Updated : 2024-11-21 05:14


NVD link : CVE-2020-24509

Mitre link : CVE-2020-24509

CVE.ORG link : CVE-2020-24509


JSON object : View

Products Affected

intel

  • server_platform_services