Skip to main content

Core I5 7600K Firmware CVE-2020-0528

HIGH
2020-06-15 secure@intel.com
Denial Of Service Privilege Escalation Intel Core I5 7600K Firmware Core I5 7600T Firmware Core I5 7600 Firmware Core I5 7500 Firmware Core I5 7500T Firmware Core I5 7442Eq Firmware Core I5 7440Hq Firmware Core I5 7440Eq Firmware Core I5 7400T Firmware Core I5 7400 Firmware Core I5 7360U Firmware Core I5 7300U Firmware Core I5 7300Hq Firmware Core I5 7287U Firmware Core I5 7267U Firmware Core I5 7260U Firmware Core I5 7200U Firmware Core I5 7Y54 Firmware Core I5 7Y57 Firmware Core I7 7920Hq Firmware Core I7 7820Hq Firmware Core I7 7820Hk Firmware Core I7 7820Eq Firmware Core I7 7700Hq Firmware Core I7 7700 Firmware Core I7 7700K Firmware Core I7 7700T Firmware Core I7 7660U Firmware Core I7 7600U Firmware Core I7 7567U Firmware Core I7 7560U Firmware Core I7 7500U Firmware Core I7 7Y75 Firmware Core I7 8665Ue Firmware Core I7 8665U Firmware Core I7 8557U Firmware Core I7 8850H Firmware Core I7 8809G Firmware Core I7 8750H Firmware Core I7 8709G Firmware Core I7 8706G Firmware Core I7 8705G Firmware Core I7 8700T Firmware Core I7 8700K Firmware Core I7 8700B Firmware Core I7 8700 Firmware Core I7 8569U Firmware Core I7 8650U Firmware Core I7 8565U Firmware Core I7 8559U Firmware Core I7 8550U Firmware Core I7 8500Y Firmware Core I7 8086K Firmware Core I9 9980Hk Firmware Core I9 9880H Firmware Core I9 9900T Firmware Core I9 9900Ks Firmware Core I9 9900Kf Firmware Core I9 9900K Firmware Core I9 9900 Firmware Core I7 10875H Firmware Core I7 10850H Firmware Core I7 10810U Firmware Core I7 10750H Firmware Core I7 10710U Firmware Core I7 10700Te Firmware Core I7 10700T Firmware Core I7 10700Kf Firmware Core I7 10700K Firmware Core I7 10700F Firmware Core I7 10700E Firmware Core I7 10700 Firmware Core I7 1065G7 Firmware Core I7 10610U Firmware Core I7 1060G7 Firmware Core I7 1068Ng7 Firmware Core I7 10510U Firmware Core I7 10510Y Firmware
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 15, 2020 - 14:15 nvd
HIGH 7.8

DescriptionNVD

Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

AnalysisAI

Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. Affected products include: Intel Core I5-7600K Firmware, Intel Core I5-7600T Firmware, Intel Core I5-7600 Firmware, Intel Core I5-7500 Firmware, Intel Core I5-7500T Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2020-0529 HIGH
7.8 Jun 15

Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow

CVE-2019-0155 HIGH
7.8 Nov 14

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R)

CVE-2019-11157 MEDIUM
6.7 Dec 16

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially en

CVE-2022-21180 MEDIUM
5.5 Jun 15

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of

CVE-2022-21151 MEDIUM
5.5 May 12

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authe

CVE-2020-8695 MEDIUM
5.5 Nov 12

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially ena

CVE-2020-8694 MEDIUM
5.5 Nov 12

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to p

CVE-2020-0549 MEDIUM
5.5 Jan 28

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially

CVE-2020-0548 MEDIUM
5.5 Jan 28

Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure

CVE-2019-0185 MEDIUM
5.5 Nov 14

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM)

CVE-2019-14607 MEDIUM
5.3 Dec 16

Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial es

CVE-2019-0117 MEDIUM
4.4 Nov 14

Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Co

Share

CVE-2020-0528 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy