Siemens Simatic Ipc847E Firmware vulnerabilities

CVE-2020-8703 [MEDIUM] CWE-119 CVE-2020-8703: Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2020-8670 [MEDIUM] CWE-362 CVE-2020-8670: Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potential Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2020-24507 [MEDIUM] CWE-665 CVE-2020-24507: Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22 Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.

CVE-2020-8704 [MEDIUM] CWE-362 CVE-2020-8704: Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2020-24506 [MEDIUM] CWE-125 CVE-2020-24506: Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14 Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.

CVE-2020-0590 [HIGH] CWE-20 CVE-2020-0590: Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated u Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2020-8698 [MEDIUM] CWE-668 CVE-2020-8698: Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user t Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2020-8745 [MEDIUM] CVE-2020-8745: Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.8 Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVE-2020-0543 [MEDIUM] CWE-459 CVE-2020-0543: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may al Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.