Core I7 8665Ue Firmware
CVE-2020-24457
HIGH
Severity by source
AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
AnalysisAI
Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. Affected products include: Intel Core I7-8665Ue Firmware, Intel Core I7-8665U Firmware, Intel Core I7-8557U Firmware, Intel Core I7-8850H Firmware, Intel Core I7-8809G Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Core I7 8665Ue Firmware
View allOut-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enab
Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow
Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families
Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privi
Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privi
Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Bo
Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially en
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products m
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authe
Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM)
Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) C
Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial es
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today