CVE-2020-8705

MEDIUM

Intel(R) Boot Guard <11.8.80-14.5.25 - Privilege Escalation

Title source: llm

Description

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.

References (4)

[Vendor Advisory] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20201113-0004/

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20201113-0005/

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20201113-0002/

Scores

CVSS v3 6.8

EPSS 0.0072

EPSS Percentile 72.6%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-1188

Status published

Products (7)

intel/converged_security_and_manageability_engine < 11.8.80

intel/server_platform_services sps_e3_04.01.04.200

intel/server_platform_services sps_e5_04.01.04.400

intel/server_platform_services sps_soc-a_04.00.04.300

intel/server_platform_services sps_soc-x_04.00.04.200

intel/trusted_execution_technology 3.1.80

intel/trusted_execution_technology 4.0.30

Published Nov 12, 2020

Tracked Since Feb 18, 2026