VDB
CVE-2020-8755
CVE-2020-8755
PUBLISHED
CVSS 6.400000095367432 MEDIUM
Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
EPSS 0.07% · 20.9th percentile
Risk Scores
CVSS 3.1
6.400000095367432
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.07%
20.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Intel(R) CSME, Intel(R) SPS | * |
| intel | server_platform_services | 0, 0 |
| intel | converged_security_and_management_engine | 0, 14.0.0 |
Exploit Intelligence
Timeline
- Nov 10, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391.html advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391 url
- https://security.netapp.com/advisory/ntap-20201113-0004/ url
- https://security.netapp.com/advisory/ntap-20201113-0002/ url
- https://nvd.nist.gov/vuln/detail/CVE-2020-8755 advisory
- https://security.netapp.com/advisory/ntap-20201113-0002 url
- https://security.netapp.com/advisory/ntap-20201113-0004 url