CVE-2020-24497

CWE-863Incorrect Authorization3 documents3 sources
Severity
4.4MEDIUM
EPSS
0.1%
top 82.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Ethernet Network Adapter E810 Firmware
Timeline
PublishedFeb 17
Latest updateMay 24

Description

Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5intel(r)_e810_ethernet_controllersbefore version 1.4.1.13

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

2
GHSA
GHSA-ppxj-47mh-cmj8: Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 12022-05-24
CVEList
CVE-2020-24497: Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 12021-02-17
CVE-2020-24497 (MEDIUM CVSS 4.4) | Insufficient Access Control in the | cvebase.io