CVE-2020-12309
MEDIUMIntel SSD Firmware - Unauthenticated Information Disclosure via Physical Access
Title source: llmDescription
Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362
Scores
CVSS v3
4.6
EPSS
0.0008
EPSS Percentile
23.0%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (15)
intel/optane_ssd_900p_firmware
< e2010480
intel/optane_ssd_905p_firmware
< e2010480
intel/ssd_660p_firmware
< 004c
intel/ssd_760p_firmware
< 005c
intel/ssd_dc_p4101_firmware
< 008d
intel/ssd_dc_p4510_firmware
< vdv10170
intel/ssd_dc_p4610_firmware
< vdv10170
intel/ssd_dc_p4800x_firmware
< e2010485
intel/ssd_dc_p4801x_firmware
< e2010485
intel/ssd_e_5100s_firmware
< lhf004e
... and 5 more
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026