CVE-2020-8745
published 2020-11-12CVE-2020-8745: Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and…
medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| intel | converged_security_and_manageability_engine | < 11.8.80 | 11.8.80 |
| intel | converged_security_and_manageability_engine | >= 11.12.0 < 11.12.80 | 11.12.80 |
| intel | converged_security_and_manageability_engine | >= 11.22.0 < 11.22.80 | 11.22.80 |
| intel | converged_security_and_manageability_engine | >= 12.0 < 12.0.70 | 12.0.70 |
| intel | converged_security_and_manageability_engine | >= 14.0 < 14.0.45 | 14.0.45 |
| intel | converged_security_and_manageability_engine | >= 14.5.0 < 14.5.25 | 14.5.25 |
| intel | trusted_execution_technology | < 3.1.80 | 3.1.80 |
| intel | trusted_execution_technology | >= 4.0 < 4.0.30 | 4.0.30 |
| siemens | simatic_drive_controller_firmware | < 05.00.01.00 | 05.00.01.00 |
| siemens | simatic_et200sp_1515sp_pc2_firmware | < 0209.0105 | 0209.0105 |
| siemens | simatic_field_pg_m5_firmware | < 22.01.08 | 22.01.08 |
| siemens | simatic_ipc127e_firmware | < 27.01.05 | 27.01.05 |
| siemens | simatic_ipc427e_firmware | < 27.01.05 | 27.01.05 |
| siemens | simatic_ipc477e_firmware | < 21.01.15 | 21.01.15 |
| siemens | simatic_ipc527g_firmware | < 1.4.0 | 1.4.0 |
| siemens | simatic_ipc547g_firmware | < r1.30.0 | r1.30.0 |
| siemens | simatic_ipc627e_firmware | < 25.02.08 | 25.02.08 |
| siemens | simatic_ipc647e_firmware | < 25.02.08 | 25.02.08 |
| siemens | simatic_ipc667e_firmware | < 25.02.08 | 25.02.08 |
| siemens | simatic_ipc847e_firmware | < 25.02.08 | 25.02.08 |
| siemens | simatic_itp1000_firmware | < 23.01.08 | 23.01.08 |
| siemens | sinumerik_828d_hw_pu.4_firmware | < 08.00.00.00 | 08.00.00.00 |
| siemens | sinumerik_mc_mcu_1720_firmware | < 05.00.00.00 | 05.00.00.00 |
| siemens | sinumerik_one_ncu_1740_firmware | < 04.00.00.00 | 04.00.00.00 |
| siemens | sinumerik_one_ppu_1740_firmware | < 06.00.00.00 | 06.00.00.00 |