Information Disclosure Vulnerability in Intel Client and Data Center SSDs
CVE-2020-12309

4.6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Client Ssds And Some Intel(r) Data Center Ssds
Vendor: CVE Published:; 12 November 2020

What is CVE-2020-12309?

An insufficient protection mechanism for credentials in certain Intel Client SSDs and Intel Data Center SSDs may allow an unauthorized user to exploit physical access. This vulnerability could lead to unauthorized information disclosure, posing significant security risks to systems that utilize these SSDs. Users are urged to implement mitigation strategies to safeguard sensitive data and ensure the integrity of their storage solutions.

Affected Version(s)

Intel(R) Client SSDs and some Intel(R) Data Center SSDs See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2020
Vulnerability Reserved
Apr 28, 2020