Skip to main content

Severity by source

NVD PRIMARY
7.6 HIGH
AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 14, 2020 - 19:15 nvd
HIGH 7.6

DescriptionNVD

Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.

AnalysisAI

Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. Affected products include: Intel Core I7-8665Ue Firmware, Intel Core I7-8665U Firmware, Intel Core I7-8557U Firmware, Intel Core I7-8850H Firmware, Intel Core I7-8809G Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-25756 HIGH
8.0 Nov 14

Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enab

CVE-2020-0529 HIGH
7.8 Jun 15

Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow

CVE-2020-0528 HIGH
7.8 Jun 15

Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families

CVE-2019-0124 HIGH
7.8 Nov 14

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privi

CVE-2019-0123 HIGH
7.8 Nov 14

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privi

CVE-2022-0004 MEDIUM
6.8 May 12

Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Bo

CVE-2019-11157 MEDIUM
6.7 Dec 16

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially en

CVE-2022-26047 MEDIUM
6.5 Nov 11

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products m

CVE-2022-21151 MEDIUM
5.5 May 12

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authe

CVE-2019-0185 MEDIUM
5.5 Nov 14

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM)

CVE-2019-0154 MEDIUM
5.5 Nov 14

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) C

CVE-2019-14607 MEDIUM
5.3 Dec 16

Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial es

Share

CVE-2020-24457 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy