CVE-2020-8675 — Vulnetix

CVE-2020-8675 PUBLISHED CVSS 6.800000190734863 MEDIUM

Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

EPSS 0.10% · 27.0th percentile

Risk Scores

CVSS 3.1

6.800000190734863

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.10%

27.0th percentile

Affected Products

Vendor	Product	Versions
intel	innovation_engine_firmware	0
n/a	Intel(R)Innovation Engine Advisory	before version 1.0.859

Exploit Intelligence

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html (circl)

Timeline

Jun 10, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Feb 28, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Nov 6, 2022 EPSS Score

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html url
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00322.html advisory
https://software.intel.com/security-software-guidance/processors-affected-transient-execution-attack-mitigation-product-cpu-model advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00266.html advisory
https://nvd.nist.gov/vuln/detail/CVE-2020-8675 advisory

Open in Interactive Console →