CVE-2020-5955

An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ice_lake:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:tiger_lake:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:whitley-sp:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:grantley-ep:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:elkhart_lake:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:purley-ep_refresh_neon_city:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:comet_lake_rvp:-:*:*:*:embedded:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:comet_lake_rvp:-:*:*:*:server:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:comet_lake:-:*:*:*:client:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:whiskey_lake_rvp:-:*:*:*:embedded:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:whiskey_lake_rvp:-:*:*:*:server:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:whiskey_lake:-:*:*:*:client:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:mehlow:-:*:*:*:embedded:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:mehlow-r:-:*:*:*:embedded:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:mehlow-r:-:*:*:*:server:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:mehlow:-:*:*:*:server:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:coffee_lake:-:*:*:*:client:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cannon_lake:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:kaby_lake_mrd:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:greenlow:-:*:*:*:embedded:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:greenlow-r:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:greenlow:-:*:*:*:server:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:greenlow-r:-:*:*:*:embedded:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:kaby_lake:-:*:*:*:client:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:skylake_mrd:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:skylake:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:coffee_lake:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:whiskey_lake:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:34

Type Values Removed Values Added
References () https://security.netapp.com/advisory/ntap-20220223-0003/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20220223-0003/ - Third Party Advisory
References () https://www.insyde.com/products - Product, Vendor Advisory () https://www.insyde.com/products - Product, Vendor Advisory
References () https://www.insyde.com/security-pledge/SA-2021002 - Vendor Advisory () https://www.insyde.com/security-pledge/SA-2021002 - Vendor Advisory

12 Jul 2022, 17:42

Type Values Removed Values Added
CWE CWE-269 NVD-CWE-noinfo

12 Apr 2022, 18:05

Type Values Removed Values Added
References (CONFIRM) https://security.netapp.com/advisory/ntap-20220223-0003/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20220223-0003/ - Third Party Advisory

24 Feb 2022, 15:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20220223-0003/ -

10 Nov 2021, 17:00

Type Values Removed Values Added
References (CONFIRM) https://www.insyde.com/security-pledge/SA-2021002 - (CONFIRM) https://www.insyde.com/security-pledge/SA-2021002 - Vendor Advisory
References (MISC) https://www.insyde.com/products - (MISC) https://www.insyde.com/products - Product, Vendor Advisory
CPE cpe:2.3:h:intel:mehlow-r:-:*:*:*:embedded:*:*:*
cpe:2.3:o:insyde:insydeh2o_uefi_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:whiskey_lake:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:comet_lake:-:*:*:*:client:*:*:*
cpe:2.3:h:intel:greenlow:-:*:*:*:server:*:*:*
cpe:2.3:h:intel:greenlow-r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:coffee_lake:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:skylake:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:kaby_lake_mrd:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:tiger_lake:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:cannon_lake:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:greenlow:-:*:*:*:embedded:*:*:*
cpe:2.3:h:intel:coffee_lake:-:*:*:*:client:*:*:*
cpe:2.3:h:intel:whitley-sp:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:purley-ep_refresh_neon_city:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:mehlow:-:*:*:*:server:*:*:*
cpe:2.3:h:intel:mehlow-r:-:*:*:*:server:*:*:*
cpe:2.3:h:intel:comet_lake_rvp:-:*:*:*:server:*:*:*
cpe:2.3:h:intel:mehlow:-:*:*:*:embedded:*:*:*
cpe:2.3:h:intel:whiskey_lake_rvp:-:*:*:*:server:*:*:*
cpe:2.3:h:intel:comet_lake_rvp:-:*:*:*:embedded:*:*:*
cpe:2.3:h:intel:whiskey_lake_rvp:-:*:*:*:embedded:*:*:*
cpe:2.3:h:intel:whiskey_lake:-:*:*:*:client:*:*:*
cpe:2.3:h:intel:elkhart_lake:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:grantley-ep:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:kaby_lake:-:*:*:*:client:*:*:*
cpe:2.3:h:intel:ice_lake:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:skylake_mrd:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:greenlow-r:-:*:*:*:embedded:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
CWE CWE-269

03 Nov 2021, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-11-03 01:15

Updated : 2024-11-21 05:34


NVD link : CVE-2020-5955

Mitre link : CVE-2020-5955

CVE.ORG link : CVE-2020-5955


JSON object : View

Products Affected

intel

  • greenlow
  • grantley-ep
  • mehlow-r
  • coffee_lake
  • greenlow-r
  • whiskey_lake_rvp
  • kaby_lake_mrd
  • mehlow
  • purley-ep_refresh_neon_city
  • skylake
  • whitley-sp
  • comet_lake_rvp
  • elkhart_lake
  • tiger_lake
  • ice_lake
  • kaby_lake
  • whiskey_lake
  • skylake_mrd
  • comet_lake
  • cannon_lake

insyde

  • insydeh2o_uefi_bios