Insufficient Access Control in Intel Ethernet 700 Series Controllers
CVE-2020-8692

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ethernet 700 Series Controllers
Vendor: CVE Published:; 12 November 2020

Summary

Insufficient access control in the firmware of the Intel Ethernet 700 Series Controllers prior to version 7.3 may allow a privileged user to exploit the system. This could lead to escalation of privileges or denial of service via local access, potentially compromising system integrity and availability.

Affected Version(s)

Intel(R) Ethernet 700 Series Controllers before version 7.3

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2020
Vulnerability Reserved
Feb 6, 2020