CVE-2020-8737
MEDIUMIntel Stratix 10 FPGA Firmware - Unauthenticated Privilege Escalation and Information Disclosure via Physical Access
Title source: llmDescription
Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure via physical access.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00388
Scores
CVSS v3
6.8
EPSS
0.0008
EPSS Percentile
22.5%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
intel/quartus_prime
< 20.1
intel/stratix_10_fpga_firmware
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026