CVE-2020-24509

3 documents3 sources
Severity
6.7MEDIUM
EPSS
0.1%
top 64.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Server Platform Services
Timeline
PublishedJun 9
Latest updateMay 24

Description

Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_sps_versionsversions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0
NVDintel/server_platform_services< sps_soc-a_05.00.03.091.0+3

🔴Vulnerability Details

2
GHSA
GHSA-6mp8-wq9g-p6q8: Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_052022-05-24
CVEList
CVE-2020-24509: Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_052021-06-09
CVE-2020-24509 (MEDIUM CVSS 6.7) | Insufficient control flow managemen | cvebase.io