Core I5 7600K Firmware
CVE-2020-0528
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.
AnalysisAI
Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. Affected products include: Intel Core I5-7600K Firmware, Intel Core I5-7600T Firmware, Intel Core I5-7600 Firmware, Intel Core I5-7500 Firmware, Intel Core I5-7500T Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Core I5 7600K Firmware
View allImproper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R)
Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially en
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authe
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially ena
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to p
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure
Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM)
Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial es
Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Co
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today