Vulnerabilities > Intel > Compute Module Hns2600Bp Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2020-08-13 CVE-2020-8712 Classic Buffer Overflow vulnerability in Intel products
Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-120
7.8
2020-08-13 CVE-2020-8709 Improper Authentication vulnerability in Intel products
Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
low complexity
intel CWE-287
8.8
2020-08-13 CVE-2020-8708 Improper Authentication vulnerability in Intel products
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
low complexity
intel CWE-287
8.8
2020-08-13 CVE-2020-8707 Classic Buffer Overflow vulnerability in Intel products
Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
low complexity
intel CWE-120
8.8
2020-08-13 CVE-2020-8706 Classic Buffer Overflow vulnerability in Intel products
Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
low complexity
intel CWE-120
8.8
2018-10-10 CVE-2018-12173 Incorrect Permission Assignment for Critical Resource vulnerability in Intel products
Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
low complexity
intel CWE-732
7.6