Insufficient Control Flow Management in Intel SPS Products
CVE-2020-24509

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Sps Versions
Vendor: CVE Published:; 9 June 2021

What is CVE-2020-24509?

Insufficient control flow management in the Intel Scalable Processor System allows a privileged user to potentially escalate their privileges through local access. This vulnerability affects various versions of the SPS product line, making it crucial for administrators to ensure that their systems are updated and secured against potential exploitation. For further details, consult Intel's advisory and related security documentation.

Affected Version(s)

Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210611-0003/

x_refsource_CONFIRM

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2021
Vulnerability Reserved
Aug 19, 2020