Xeon Bronze 3206R Firmware
CVE-2020-0590
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
AnalysisAI
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-20. Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Affected products include: Intel Xeon Bronze 3206R Firmware, Intel Xeon Gold 5218R Firmware, Intel Xeon Gold 5220R Firmware, Intel Xeon Gold 6208U Firmware, Intel Xeon Gold 6226R Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Xeon Bronze 3206R Firmware
View allNon-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable infor
Same weakness CWE-20 – Improper Input Validation
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today