Improper Access Control in Intel Server Boards and Systems
CVE-2020-8711

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Server Boards, Server Systems And Compute Modules Advisory
Vendor: CVE Published:; 13 August 2020

Summary

An improper access control vulnerability in the bootloader for certain Intel Server Boards, Server Systems, and Compute Modules prior to version 2.45 may allow a privileged user local access, potentially leading to escalation of privileges. This flaw highlights the importance of secure access protocols and the necessity of timely updates to mitigate potential risks.

Affected Version(s)

Intel(R) Server Boards, Server Systems and Compute Modules Advisory Before version 2.45

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200814-0002/

x_refsource_CONFIRM

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 13, 2020
Vulnerability Reserved
Feb 6, 2020