Search criteria
3 vulnerabilities found for innovation_engine_firmware by intel
FKIE_CVE-2020-8675
Vulnerability from fkie_nvd - Published: 2020-06-15 14:15 - Updated: 2024-11-21 05:39
Severity ?
Summary
Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | innovation_engine_firmware | * | |
| intel | innovation_engine | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:innovation_engine_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "218FC82B-6D79-4821-90CD-AD48F50ECF70",
"versionEndExcluding": "1.0.859",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:innovation_engine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F63AEBCF-DD25-4DAB-AFAB-8CC931AE0AC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
},
{
"lang": "es",
"value": "Una administraci\u00f3n del flujo de control insuficiente en la herramienta de compilaci\u00f3n y firma del firmware para Intel\u00ae Innovation Engine versiones anteriores a 1.0.859, puede permitir a un usuario no autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso f\u00edsico"
}
],
"id": "CVE-2020-8675",
"lastModified": "2024-11-21T05:39:14.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-15T14:15:12.517",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-8675 (GCVE-0-2020-8675)
Vulnerability from cvelistv5 – Published: 2020-06-15 13:52 – Updated: 2024-08-04 10:03
VLAI?
Summary
Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R)Innovation Engine Advisory |
Affected:
before version 1.0.859
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R)Innovation Engine Advisory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.0.859"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T13:52:47",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-8675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R)Innovation Engine Advisory",
"version": {
"version_data": [
{
"version_value": "before version 1.0.859"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-8675",
"datePublished": "2020-06-15T13:52:47",
"dateReserved": "2020-02-06T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8675 (GCVE-0-2020-8675)
Vulnerability from nvd – Published: 2020-06-15 13:52 – Updated: 2024-08-04 10:03
VLAI?
Summary
Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R)Innovation Engine Advisory |
Affected:
before version 1.0.859
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R)Innovation Engine Advisory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.0.859"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T13:52:47",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-8675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R)Innovation Engine Advisory",
"version": {
"version_data": [
{
"version_value": "before version 1.0.859"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-8675",
"datePublished": "2020-06-15T13:52:47",
"dateReserved": "2020-02-06T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}