CVE-2020-8672

Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of privilege or denial of service via local access.

CVSS v3 7.8 HIGH
CVSS v2.0 4.6 MEDIUM

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00356.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:celeron_4205u:-:::::::*
	cpe:2.3:h:intel:celeron_4305u:-:::::::*
	cpe:2.3:h:intel:celeron_4305ue:-:::::::*
	cpe:2.3:h:intel:core_i3_8100:-:::::::*
	cpe:2.3:h:intel:core_i3_8100f:-:::::::*
	cpe:2.3:h:intel:core_i3_8100t:-:::::::*
	cpe:2.3:h:intel:core_i3_8300:-:::::::*
	cpe:2.3:h:intel:core_i3_8300t:-:::::::*
	cpe:2.3:h:intel:core_i3_8350k:-:::::::*
	cpe:2.3:h:intel:core_i3_9100:-:::::::*
	cpe:2.3:h:intel:core_i3_9100f:-:::::::*
	cpe:2.3:h:intel:core_i3_9100t:-:::::::*
	cpe:2.3:h:intel:core_i3_9300:-:::::::*
	cpe:2.3:h:intel:core_i3_9300t:-:::::::*
	cpe:2.3:h:intel:core_i3_9320:-:::::::*
	cpe:2.3:h:intel:core_i3_9350k:-:::::::*
	cpe:2.3:h:intel:core_i3_9350kf:-:::::::*
	cpe:2.3:h:intel:core_i5_8400:-:::::::*
	cpe:2.3:h:intel:core_i5_8400t:-:::::::*
	cpe:2.3:h:intel:core_i5_8500:-:::::::*
	cpe:2.3:h:intel:core_i5_8500t:-:::::::*
	cpe:2.3:h:intel:core_i5_8600:-:::::::*
	cpe:2.3:h:intel:core_i5_8600k:-:::::::*
	cpe:2.3:h:intel:core_i5_8600t:-:::::::*
	cpe:2.3:h:intel:core_i5_9400:-:::::::*
	cpe:2.3:h:intel:core_i5_9400f:-:::::::*
	cpe:2.3:h:intel:core_i5_9400t:-:::::::*
	cpe:2.3:h:intel:core_i5_9500:-:::::::*
	cpe:2.3:h:intel:core_i5_9500f:-:::::::*
	cpe:2.3:h:intel:core_i5_9500t:-:::::::*
	cpe:2.3:h:intel:core_i5_9600:-:::::::*
	cpe:2.3:h:intel:core_i5_9600k:-:::::::*
	cpe:2.3:h:intel:core_i5_9600kf:-:::::::*
	cpe:2.3:h:intel:core_i5_9600t:-:::::::*
	cpe:2.3:h:intel:core_i7_8086k:-:::::::*
	cpe:2.3:h:intel:core_i7_8700:-:::::::*
	cpe:2.3:h:intel:core_i7_8700k:-:::::::*
	cpe:2.3:h:intel:core_i7_8700t:-:::::::*
	cpe:2.3:h:intel:core_i7_9700:-:::::::*
	cpe:2.3:h:intel:core_i7_9700f:-:::::::*
	cpe:2.3:h:intel:core_i7_9700k:-:::::::*
	cpe:2.3:h:intel:core_i7_9700kf:-:::::::*
	cpe:2.3:h:intel:core_i7_9700t:-:::::::*
	cpe:2.3:h:intel:core_i9_9900:-:::::::*
	cpe:2.3:h:intel:core_i9_9900k:-:::::::*
	cpe:2.3:h:intel:core_i9_9900kf:-:::::::*
	cpe:2.3:h:intel:core_i9_9900ks:-:::::::*
	cpe:2.3:h:intel:core_i9_9900t:-:::::::*

History

No history.

Information

Published : 2021-02-02 22:15

Updated : 2024-02-04 21:23

NVD link : CVE-2020-8672

Mitre link : CVE-2020-8672

CVE.ORG link : CVE-2020-8672

JSON object : View

Products Affected

intel

core_i3_9300
core_i3_8100f
core_i5_9600t
core_i5_8500t
core_i5_9400t
core_i5_8400
core_i3_9100t
core_i5_9500
core_i5_9400
core_i7_8700t
celeron_4305ue
core_i7_9700k
core_i5_9600k
core_i3_8300t
bios
core_i3_9100f
core_i7_8700
core_i7_9700f
core_i5_8600k
core_i9_9900kf
core_i9_9900ks
core_i7_8086k
celeron_4205u
core_i5_8600t
core_i7_9700kf
core_i5_9400f
core_i3_9300t
core_i5_8600
core_i3_9320
core_i9_9900
core_i5_9600
core_i3_8100t
core_i5_9500t
core_i3_8300
core_i7_9700t
core_i3_8100
core_i3_8350k
core_i5_9600kf
core_i9_9900t
core_i3_9100
core_i3_9350k
core_i7_8700k
celeron_4305u
core_i7_9700
core_i9_9900k
core_i5_8400t
core_i5_9500f
core_i3_9350kf
core_i5_8500

CWE

CWE-125

Out-of-bounds Read

7.8 /10