Skip to main content

Xeon Bronze 3206R Firmware CVE-2020-0590

HIGH
Improper Input Validation (CWE-20)
2020-11-12 secure@intel.com
Privilege Escalation Intel Xeon Bronze 3206R Firmware Xeon Gold 5218R Firmware Xeon Gold 5220R Firmware Xeon Gold 6208U Firmware Xeon Gold 6226R Firmware Xeon Gold 6230R Firmware Xeon Gold 6238R Firmware Xeon Gold 6240R Firmware Xeon Gold 6242R Firmware Xeon Gold 6246R Firmware Xeon Gold 6248R Firmware Xeon Gold 6250 Firmware Xeon Gold 6250L Firmware Xeon Gold 6256 Firmware Xeon Gold 6258R Firmware Xeon Silver 4210R Firmware Xeon Silver 4210T Firmware Xeon Silver 4214R Firmware Xeon Silver 4215R Firmware Xeon Platinum 9221 Firmware Xeon Platinum 9222 Firmware Xeon Bronze 3204 Firmware Xeon Gold 5215 Firmware Xeon Gold 5215L Firmware Xeon Gold 5217 Firmware Xeon Gold 5218 Firmware Xeon Gold 5218B Firmware Xeon Gold 5218N Firmware Xeon Gold 5218T Firmware Xeon Gold 5220 Firmware Xeon Gold 5220S Firmware Xeon Gold 5220T Firmware Xeon Gold 5222 Firmware Xeon Gold 6209U Firmware Xeon Gold 6210U Firmware Xeon Gold 6212U Firmware Xeon Gold 6222V Firmware Xeon Gold 6226 Firmware Xeon Gold 6230 Firmware Xeon Gold 6230N Firmware Xeon Gold 6230T Firmware Xeon Gold 6234 Firmware Xeon Gold 6238 Firmware Xeon Gold 6238L Firmware Xeon Gold 6238T Firmware Xeon Gold 6240 Firmware Xeon Gold 6240L Firmware Xeon Gold 6240Y Firmware Xeon Gold 6242 Firmware Xeon Gold 6244 Firmware Xeon Gold 6246 Firmware Xeon Gold 6248 Firmware Xeon Gold 6252 Firmware Xeon Gold 6252N Firmware Xeon Gold 6254 Firmware Xeon Gold 6262V Firmware Xeon Platinum 8253 Firmware Xeon Platinum 8256 Firmware Xeon Platinum 8260 Firmware Xeon Platinum 8260L Firmware Xeon Platinum 8260Y Firmware Xeon Platinum 8268 Firmware Xeon Platinum 8270 Firmware Xeon Platinum 8276 Firmware Xeon Platinum 8276L Firmware Xeon Platinum 8280 Firmware Xeon Platinum 8280L Firmware Xeon Platinum 9242 Firmware Xeon Platinum 9282 Firmware Xeon Silver 4208 Firmware Xeon Silver 4209T Firmware Xeon Silver 4210 Firmware Xeon Silver 4214 Firmware Xeon Silver 4214Y Firmware Xeon Silver 4215 Firmware Xeon Silver 4216 Firmware Xeon Gold 6138P Firmware Xeon Bronze 3104 Firmware Xeon Bronze 3106 Firmware Xeon Gold 5115 Firmware Xeon Gold 5118 Firmware Xeon Gold 5119T Firmware Xeon Gold 5120 Firmware Xeon Gold 5120T Firmware Xeon Gold 5122 Firmware Xeon Gold 6126 Firmware Xeon Gold 6126F Firmware Xeon Gold 6126T Firmware Xeon Gold 6128 Firmware Xeon Gold 6130 Firmware Xeon Gold 6130F Firmware Xeon Gold 6130T Firmware Xeon Gold 6132 Firmware Xeon Gold 6134 Firmware Xeon Gold 6136 Firmware Xeon Gold 6138 Firmware Xeon Gold 6138F Firmware Xeon Gold 6138T Firmware Xeon Gold 6140 Firmware Xeon Gold 6142 Firmware Xeon Gold 6142F Firmware Xeon Gold 6144 Firmware Xeon Gold 6146 Firmware Xeon Gold 6148 Firmware Xeon Gold 6148F Firmware Xeon Gold 6150 Firmware Xeon Gold 6152 Firmware Xeon Gold 6154 Firmware Xeon Platinum 8153 Firmware Xeon Platinum 8156 Firmware Xeon Platinum 8158 Firmware Xeon Platinum 8160 Firmware Xeon Platinum 8160F Firmware Xeon Platinum 8160T Firmware Xeon Platinum 8164 Firmware Xeon Platinum 8168 Firmware Xeon Platinum 8170 Firmware Xeon Platinum 8176 Firmware Xeon Platinum 8176F Firmware Xeon Platinum 8180 Firmware Xeon Silver 4108 Firmware Xeon Silver 4109T Firmware Xeon Silver 4110 Firmware Xeon Silver 4112 Firmware Xeon Silver 4114 Firmware Xeon Silver 4114T Firmware Xeon Silver 4116 Firmware Xeon Silver 4116T Firmware Cloud Backup Clustered Data Ontap Fas Aff Bios Simatic Ipc527G Firmware Simatic Ipc547G Firmware Simatic Ipc627E Firmware Simatic Ipc647E Firmware Simatic Ipc677E Firmware Simatic Ipc847E Firmware
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 12, 2020 - 18:15 nvd
HIGH 7.8

DescriptionNVD

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

AnalysisAI

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-20. Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Affected products include: Intel Xeon Bronze 3206R Firmware, Intel Xeon Gold 5218R Firmware, Intel Xeon Gold 5220R Firmware, Intel Xeon Gold 6208U Firmware, Intel Xeon Gold 6226R Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2020-0590 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy