Vulnerabilities > CVE-2020-8705 - Insecure Default Initialization of Resource vulnerability in Intel products
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://security.netapp.com/advisory/ntap-20201113-0002/
- https://security.netapp.com/advisory/ntap-20201113-0002/
- https://security.netapp.com/advisory/ntap-20201113-0004/
- https://security.netapp.com/advisory/ntap-20201113-0004/
- https://security.netapp.com/advisory/ntap-20201113-0005/
- https://security.netapp.com/advisory/ntap-20201113-0005/
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391