CVE-2020-12360

CVE Database · CVE-2020-12360

CVE-2020-12360

· HIGHModified

CVSS v3.1

7.8

EPSS

0.35%

Published

Jun 9, 2021

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-125

Affected Products (552)

intel · biosvulnerable

intel · core_i3-l13g4

intel · core_i5-l16g7

intel · core_i7-10510u

intel · core_i7-10510y

intel · core_i7-1060g7

intel · core_i7-1060ng7

intel · core_i7-10610u

intel · core_i7-1065g7

intel · core_i7-1068ng7

intel · core_i7-10700

intel · core_i7-10700e

intel · core_i7-10700f

· core_i7-10700k

References (6)

https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf

PatchThird Party Advisory

https://security.netapp.com/advisory/ntap-20210702-0002/

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html

Vendor Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf

PatchThird Party Advisory

https://security.netapp.com/advisory/ntap-20210702-0002/

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html

KEV Catalog EPSS Scores Vendors All CVEs