CVE-2020-0571

Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable information disclosure via local access.

CVSS v3.0 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:core_i3_8100:-:::::::*
	cpe:2.3:h:intel:core_i3_8100f:-:::::::*
	cpe:2.3:h:intel:core_i3_8100t:-:::::::*
	cpe:2.3:h:intel:core_i3_8300:-:::::::*
	cpe:2.3:h:intel:core_i3_8300t:-:::::::*
	cpe:2.3:h:intel:core_i3_8350k:-:::::::*
	cpe:2.3:h:intel:core_i5_8400:-:::::::*
	cpe:2.3:h:intel:core_i5_8400t:-:::::::*
	cpe:2.3:h:intel:core_i5_8500:-:::::::*
	cpe:2.3:h:intel:core_i5_8500t:-:::::::*
	cpe:2.3:h:intel:core_i5_8600:-:::::::*
	cpe:2.3:h:intel:pentium_silver_j5005:-:::::::*
	cpe:2.3:h:intel:pentium_silver_n5000:-:::::::*
	cpe:2.3:h:intel:pentium_silver_j5040:-:::::::*
	cpe:2.3:h:intel:pentium_silver_n5030:-:::::::*
	cpe:2.3:h:intel:core_i7_8086k:-:::::::*
	cpe:2.3:h:intel:core_i7_8700k:-:::::::*
	cpe:2.3:h:intel:core_i7_8700:-:::::::*
	cpe:2.3:h:intel:core_i7_8700t:-:::::::*
	cpe:2.3:h:intel:core_i5_8600k:-:::::::*
	cpe:2.3:h:intel:core_i5_8600t:-:::::::*

Information

Published : 2020-10-05 07:15

Updated : 2021-07-21 04:39

NVD link : CVE-2020-0571

Mitre link : CVE-2020-0571

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

intel

pentium_silver_j5040
core_i5_8400t
core_i5_8600
core_i5_8500
core_i7_8700k
core_i3_8350k
core_i7_8086k
bios
core_i3_8100t
pentium_silver_n5000
core_i5_8600k
core_i7_8700t
core_i7_8700
core_i5_8400
core_i5_8500t
core_i5_8600t
core_i3_8100
core_i3_8300
core_i3_8300t
core_i3_8100f
pentium_silver_n5030
pentium_silver_j5005

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.html", "tags": ["Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable information disclosure via local access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-0571", "ASSIGNER": "secure@intel.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2020-10-05T14:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:intel:core_i3_8100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i3_8100f:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i3_8100t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i3_8300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i3_8300t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i3_8350k:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i5_8400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i5_8400t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i5_8500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i5_8500t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i5_8600:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i7_8086k:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i7_8700k:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i7_8700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i7_8700t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i5_8600k:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:intel:core_i5_8600t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-07-21T11:39Z"}

5.5 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2020-0571

5.5^/10

2.1^/10

Attach tags to `CVE-2020-0571`