CVE-2020-24513

Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS v3.0 6.5 MEDIUM
CVSS v2.0 2.1 LOW

6.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html	Vendor Advisory
https://www.debian.org/security/2021/dsa-4934	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html	Mailing List Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:intel:atom_c3308:-:::::::*
	cpe:2.3:h:intel:atom_c3336:-:::::::*
	cpe:2.3:h:intel:atom_c3338:-:::::::*
	cpe:2.3:h:intel:atom_c3338r:-:::::::*
	cpe:2.3:h:intel:atom_c3436l:-:::::::*
	cpe:2.3:h:intel:atom_c3508:-:::::::*
	cpe:2.3:h:intel:atom_c3538:-:::::::*
	cpe:2.3:h:intel:atom_c3558:-:::::::*
	cpe:2.3:h:intel:atom_c3558r:-:::::::*
	cpe:2.3:h:intel:atom_c3558rc:-:::::::*
	cpe:2.3:h:intel:atom_c3708:-:::::::*
	cpe:2.3:h:intel:atom_c3750:-:::::::*
	cpe:2.3:h:intel:atom_c3758:-:::::::*
	cpe:2.3:h:intel:atom_c3758r:-:::::::*
	cpe:2.3:h:intel:atom_c3808:-:::::::*
	cpe:2.3:h:intel:atom_c3830:-:::::::*
	cpe:2.3:h:intel:atom_c3850:-:::::::*
	cpe:2.3:h:intel:atom_c3858:-:::::::*
	cpe:2.3:h:intel:atom_c3950:-:::::::*
	cpe:2.3:h:intel:atom_c3955:-:::::::*
	cpe:2.3:h:intel:atom_c3958:-:::::::*
	cpe:2.3:h:intel:atom_p5942b:-:::::::*
	cpe:2.3:h:intel:atom_x5-a3930:-:::::::*
	cpe:2.3:h:intel:atom_x5-a3940:-:::::::*
	cpe:2.3:h:intel:atom_x5-a3950:-:::::::*
	cpe:2.3:h:intel:atom_x5-a3960:-:::::::*
	cpe:2.3:h:intel:atom_x6200fe:-:::::::*
	cpe:2.3:h:intel:atom_x6211e:-:::::::*
	cpe:2.3:h:intel:atom_x6212re:-:::::::*
	cpe:2.3:h:intel:atom_x6413e:-:::::::*
	cpe:2.3:h:intel:atom_x6425e:-:::::::*
	cpe:2.3:h:intel:atom_x6425re:-:::::::*
	cpe:2.3:h:intel:atom_x6427fe:-:::::::*
	cpe:2.3:h:intel:celeron_j3355:-:::::::*
	cpe:2.3:h:intel:celeron_j3355e:-:::::::*
	cpe:2.3:h:intel:celeron_j3455:-:::::::*
	cpe:2.3:h:intel:celeron_j3455e:-:::::::*
	cpe:2.3:h:intel:celeron_j4005:-:::::::*
	cpe:2.3:h:intel:celeron_j4025:-:::::::*
	cpe:2.3:h:intel:celeron_j4105:-:::::::*
	cpe:2.3:h:intel:celeron_j4125:-:::::::*
	cpe:2.3:h:intel:celeron_j6413:-:::::::*
	cpe:2.3:h:intel:celeron_n3350:-:::::::*
	cpe:2.3:h:intel:celeron_n3350e:-:::::::*
	cpe:2.3:h:intel:celeron_n3450:-:::::::*
	cpe:2.3:h:intel:celeron_n4000:-:::::::*
	cpe:2.3:h:intel:celeron_n4020:-:::::::*
	cpe:2.3:h:intel:celeron_n4100:-:::::::*
	cpe:2.3:h:intel:celeron_n4120:-:::::::*
	cpe:2.3:h:intel:celeron_n6211:-:::::::*
	cpe:2.3:h:intel:core_i3-l13g4:-:::::::*
	cpe:2.3:h:intel:core_i5-l16g7:-:::::::*
	cpe:2.3:h:intel:p5921b:-:::::::*
	cpe:2.3:h:intel:p5931b:-:::::::*
	cpe:2.3:h:intel:p5962b:-:::::::*
	cpe:2.3:h:intel:pentium_j4205:-:::::::*
	cpe:2.3:h:intel:pentium_j6425:-:::::::*
	cpe:2.3:h:intel:pentium_n4200:-:::::::*
	cpe:2.3:h:intel:pentium_n4200e:-:::::::*
	cpe:2.3:h:intel:pentium_n6415:-:::::::*
	cpe:2.3:h:intel:pentium_silver_j5005:-:::::::*
	cpe:2.3:h:intel:pentium_silver_j5040:-:::::::*
	cpe:2.3:h:intel:pentium_silver_n5000:-:::::::*
	cpe:2.3:h:intel:pentium_silver_n5030:-:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:simatic_drive_controller_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_drive_controller:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:simatic_et_200sp_open_controller_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200sp_open_controller:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:simatic_ipc127e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc127e:-:*:*:*:*:*:*:*

Information

Published : 2021-06-09 12:15

Updated : 2022-04-22 09:20

NVD link : CVE-2020-24513

Mitre link : CVE-2020-24513

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

intel

pentium_silver_j5040
celeron_n4120
p5921b
celeron_j3455
atom_c3308
atom_c3808
atom_c3558
atom_x6200fe
atom_c3558r
atom_c3338
atom_c3955
celeron_j4105
atom_c3830
celeron_n6211
atom_x6211e
celeron_j3355e
atom_c3508
atom_c3950
atom_x6425e
celeron_n3450
atom_c3538
atom_c3750
atom_c3758r
p5962b
atom_x6427fe
atom_c3858
atom_x5-a3950
celeron_j4025
pentium_n4200e
atom_c3436l
atom_x6413e
atom_c3958
atom_x5-a3960
p5931b
pentium_silver_n5000
celeron_j4005
atom_c3850
atom_x5-a3930
atom_c3758
atom_x6425re
atom_x6212re
pentium_n4200
celeron_n4100
pentium_silver_j5005
atom_p5942b
celeron_j4125
core_i3-l13g4
atom_c3336
atom_c3558rc
atom_c3338r
celeron_j3455e
pentium_n6415
celeron_n4020
atom_c3708
celeron_j6413
pentium_j4205
celeron_n3350
atom_x5-a3940
celeron_n3350e
pentium_silver_n5030
core_i5-l16g7
celeron_n4000
celeron_j3355
pentium_j6425

siemens

simatic_drive_controller_firmware
simatic_et_200sp_open_controller_firmware
simatic_ipc127e_firmware
simatic_ipc127e
simatic_drive_controller
simatic_et_200sp_open_controller

debian

debian_linux

6.5 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2020-24513

6.5^/10

2.1^/10

Attach tags to `CVE-2020-24513`