Vulnerability-Lookup

CVE-2020-8692 (GCVE-0-2020-8692)

Vulnerability from cvelistv5 – Published: 2020-11-12 18:01 – Updated: 2024-08-04 10:03

Summary

Severity ?

No CVSS data available.

CWE

escalation of privilege and/or denial of service

Assigner

intel

References

URL

	Vendor	Product	Version
	n/a	Intel(R) Ethernet 700 Series Controllers	Affected: before version 7.3

GHSA-XRG7-HHWV-8FC8

Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-8692"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-12T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.",
  "id": "GHSA-xrg7-hhwv-8fc8",
  "modified": "2022-05-24T17:34:10Z",
  "published": "2022-05-24T17:34:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8692"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-202011-1371

Vulnerability from variot - Updated: 2024-11-23 21:35

Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel(R) Ethernet 700 Series Controller Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Ethernet 700 Series Controllers is a 700 series Ethernet controller from Intel Corporation.

Intel(R) Ethernet 700 Series Controllers versions prior to 7.3 have a security vulnerability. The vulnerability is due to insufficient access control

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1371",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "xxv710-am1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "x710-tm4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "x710-bm2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "v710-at2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "xl710-bm1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "x710-at2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "xxv710-am2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "xl710-bm2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.3"
      },
      {
        "model": "intel ethernet controller x710-at2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "\u65e5\u7acb\u30a2\u30c9\u30d0\u30f3\u30b9\u30c8\u30b5\u30fc\u30d0",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u65e5\u7acb",
        "version": null
      },
      {
        "model": "intel ethernet controller xl710-bm1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel ethernet controller xxv710-am2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel ethernet controller xl710-bm2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel ethernet controller v710-at2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel ethernet controller x710-tm4",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel ethernet controller xxv710-am1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel ethernet controller x710-bm2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "ethernet series controllers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "700\u003c7.3"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "cve": "CVE-2020-8692",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-8692",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2021-17791",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.8,
            "id": "CVE-2020-8692",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.7,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2020-8692",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-8692",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-8692",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-17791",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202011-935",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel(R) Ethernet 700 Series Controller Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Ethernet 700 Series Controllers is a 700 series Ethernet controller from Intel Corporation. \n\r\n\r\nIntel(R) Ethernet 700 Series Controllers versions prior to 7.3 have a security vulnerability. The vulnerability is due to insufficient access control",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-8692"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-8692",
        "trust": 3.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791",
        "trust": 0.6
      },
      {
        "db": "LENOVO",
        "id": "LEN-50822",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0230",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.3978",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "id": "VAR-202011-1371",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      }
    ],
    "trust": 1.2611494233333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:35:03.176000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00380 Hitachi Server / Client Product Security Information",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380"
      },
      {
        "title": "Patch for Unspecified vulnerability exists in Intel Ethernet 700 Series Controllers (CNVD-2021-17791)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/253176"
      },
      {
        "title": "Intel Ethernet 700 Series Controllers Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=133907"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "Improper authority management (CWE-269) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-8692"
      },
      {
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0230/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.3978/"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/en/product_security/len-50822"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-03-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "date": "2021-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "date": "2020-11-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      },
      {
        "date": "2020-11-12T18:15:16.407000",
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-03-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-17791"
      },
      {
        "date": "2021-07-09T03:27:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      },
      {
        "date": "2021-01-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      },
      {
        "date": "2024-11-21T05:39:15.703000",
        "db": "NVD",
        "id": "CVE-2020-8692"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel(R)\u00a0Ethernet\u00a0700\u00a0Series\u00a0Controller\u00a0 Vulnerability in privilege management",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013650"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202011-935"
      }
    ],
    "trust": 0.6
  }
}

GSD-2020-8692

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-8692

Aliases

CVE-2020-8692

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-8692",
    "description": "Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.",
    "id": "GSD-2020-8692"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-8692"
      ],
      "details": "Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.",
      "id": "GSD-2020-8692",
      "modified": "2023-12-13T01:21:53.569210Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2020-8692",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Ethernet 700 Series Controllers",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "before version 7.3"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "escalation of privilege and/or denial of service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:v710-at2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:v710-at2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:x710-tm4_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:x710-tm4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:x710-at2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:x710-at2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:xxv710-am2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:xxv710-am2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:xxv710-am1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:xxv710-am1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:x710-bm2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:x710-bm2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:xl710-bm2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:xl710-bm2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:xl710-bm1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:xl710-bm1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2020-8692"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-07-21T11:39Z",
      "publishedDate": "2020-11-12T18:15Z"
    }
  }
}

FKIE_CVE-2020-8692

Vulnerability from fkie_nvd - Published: 2020-11-12 18:15 - Updated: 2024-11-21 05:39

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380	Vendor Advisory

Impacted products

Vendor	Product	Version
intel	v710-at2_firmware	*
intel	v710-at2	-
intel	x710-tm4_firmware	*
intel	x710-tm4	-
intel	x710-at2_firmware	*
intel	x710-at2	-
intel	xxv710-am2_firmware	*
intel	xxv710-am2	-
intel	xxv710-am1_firmware	*
intel	xxv710-am1	-
intel	x710-bm2_firmware	*
intel	x710-bm2	-
intel	xl710-bm2_firmware	*
intel	xl710-bm2	-
intel	xl710-bm1_firmware	*
intel	xl710-bm1	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:v710-at2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE656D4-5015-45A9-ABBD-8F3A2B406B7E",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:v710-at2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A52A3306-1B02-464F-9085-65B3F4D7D40A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:x710-tm4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39917560-335B-4A97-B51F-C7F5AACCF34E",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:x710-tm4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C8F274-F4A4-406D-944A-8F75FC2D53A1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:x710-at2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B576A67-8E01-40BB-AD6E-5AB00943B6C2",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:x710-at2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AA25C47-F083-47CD-B6EC-22BCABF47428",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:xxv710-am2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "636A2DF4-6724-4534-AFBE-2EC8B2ABD75C",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xxv710-am2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EA296B-70FB-4618-AABB-E146FC934F63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:xxv710-am1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "068A5A9D-63A7-4031-93B1-B0F79A2B2C16",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xxv710-am1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75317F51-B596-4E65-8C79-CBCD5791F72A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:x710-bm2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C67925DB-3302-4521-83A7-373F6A66DFB3",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:x710-bm2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "991282B3-BD75-49EF-B7BC-8052ACE36ADD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:xl710-bm2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F260A80E-6FFD-47A0-B74F-9AA6427D8B37",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xl710-bm2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08C7EEF4-F64C-4CD9-99B2-F56933B2C5A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:xl710-bm1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "547A4BB2-3E4C-4CD0-B7D4-29F3A27A0DF6",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xl710-bm1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF831195-E4D6-4246-B792-BB7D65E7AF5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access."
    },
    {
      "lang": "es",
      "value": "Un control de acceso insuficiente en el firmware de los Intel\u00ae Ethernet 700 Series Controllers versiones anteriores a 7.3, puede habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios y/o una denegaci\u00f3n de servicio por medio de un acceso local"
    }
  ],
  "id": "CVE-2020-8692",
  "lastModified": "2024-11-21T05:39:15.703",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-12T18:15:16.407",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2024-0479

Vulnerability from csaf_certbund - Published: 2020-11-10 23:00 - Updated: 2024-02-26 23:00

Summary

Intel Ethernet Controller: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Intel Ethernet Controller ist eine Netzerkkarte (NIC) des Herstellers Intel.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controller ausnutzen, um seine Privilegien zu erhöhen oder einen Denial of Service zu verursachen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Intel Ethernet Controller ist eine Netzerkkarte (NIC) des Herstellers Intel.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controller ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of  Service zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0479 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-0479.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0479 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0479"
      },
      {
        "category": "external",
        "summary": "Intel Ethernet 700 Series Controller Advisory vom 2020-11-10",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380.html"
      },
      {
        "category": "external",
        "summary": "EMC Security Advisory DSA-2020-256 vom 2021-02-10",
        "url": "https://www.dell.com/support/kbdoc/de-de/000182896/dsa-2020-256-dell-emc-networking-security-advisory-for-the-monthly-2020-2-intel-platform-updates-nov-2020"
      },
      {
        "category": "external",
        "summary": "EMC Security Advisory DSA-2021-084 vom 2021-05-25",
        "url": "https://www.dell.com/support/kbdoc/de-de/000185441/dsa-2021-084-dell-client-platform-security-advisory-for-intel-ethernet-700-series-controller-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF03701 vom 2024-02-13",
        "url": "https://support.hp.com/us-en/document/ish_10221184-10221217-16/HPSBHF03701"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Ethernet Controller: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-26T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:05:43.531+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0479",
      "initial_release_date": "2020-11-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2020-11-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2021-02-10T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von EMC aufgenommen"
        },
        {
          "date": "2021-05-25T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von EMC aufgenommen"
        },
        {
          "date": "2024-02-26T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T006498",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T030989",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 7.3",
                "product": {
                  "name": "Intel Ethernet Controller \u003c 7.3",
                  "product_id": "T015381"
                }
              }
            ],
            "category": "product_name",
            "name": "Ethernet Controller"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-8690",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controller existieren mehrere Schwachstellen. Diese sind auf unsachgem\u00e4\u00dfe Pufferbeschr\u00e4nkungen, unzureichende Zugangskontrolle, Versagen des Schutzmechanismus und ein Logikproblem zur\u00fcckzuf\u00fchren. Ein lokaler, privilegierter Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern oder einen Denial of Service zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T030989"
        ]
      },
      "release_date": "2020-11-10T23:00:00.000+00:00",
      "title": "CVE-2020-8690"
    },
    {
      "cve": "CVE-2020-8691",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controller existieren mehrere Schwachstellen. Diese sind auf unsachgem\u00e4\u00dfe Pufferbeschr\u00e4nkungen, unzureichende Zugangskontrolle, Versagen des Schutzmechanismus und ein Logikproblem zur\u00fcckzuf\u00fchren. Ein lokaler, privilegierter Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern oder einen Denial of Service zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T030989"
        ]
      },
      "release_date": "2020-11-10T23:00:00.000+00:00",
      "title": "CVE-2020-8691"
    },
    {
      "cve": "CVE-2020-8692",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controller existieren mehrere Schwachstellen. Diese sind auf unsachgem\u00e4\u00dfe Pufferbeschr\u00e4nkungen, unzureichende Zugangskontrolle, Versagen des Schutzmechanismus und ein Logikproblem zur\u00fcckzuf\u00fchren. Ein lokaler, privilegierter Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern oder einen Denial of Service zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T030989"
        ]
      },
      "release_date": "2020-11-10T23:00:00.000+00:00",
      "title": "CVE-2020-8692"
    },
    {
      "cve": "CVE-2020-8693",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controller existieren mehrere Schwachstellen. Diese sind auf unsachgem\u00e4\u00dfe Pufferbeschr\u00e4nkungen, unzureichende Zugangskontrolle, Versagen des Schutzmechanismus und ein Logikproblem zur\u00fcckzuf\u00fchren. Ein lokaler, privilegierter Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern oder einen Denial of Service zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T030989"
        ]
      },
      "release_date": "2020-11-10T23:00:00.000+00:00",
      "title": "CVE-2020-8693"
    }
  ]
}

CNVD-2021-17791

Vulnerability from cnvd - Published: 2021-03-16

Title

Intel Ethernet 700 Series Controllers存在未明漏洞（CNVD-2021-17791）

Description

Intel Ethernet 700 Series Controllers是美国英特尔（Intel）公司的一款700系列以太网控制器。 Intel(R) Ethernet 700 Series Controllers 7.3之前版本存在安全漏洞，该漏洞源于访问控制不足，有特权的用户可利用该漏洞通过本地访问启用特权升级和/或拒绝服务。

Severity

中

Patch Name

Intel Ethernet 700 Series Controllers存在未明漏洞（CNVD-2021-17791）的补丁

Patch Description

Formal description

厂商已提供漏洞修补方案，请关注厂商主页及时更新： https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-8692

Impacted products

Name
Intel Intel Ethernet 700 Series Controllers <7.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-8692",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-8692"
    }
  },
  "description": "Intel Ethernet 700 Series Controllers\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e700\u7cfb\u5217\u4ee5\u592a\u7f51\u63a7\u5236\u5668\u3002\n\nIntel(R) Ethernet 700 Series Controllers 7.3\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8bbf\u95ee\u63a7\u5236\u4e0d\u8db3\uff0c\u6709\u7279\u6743\u7684\u7528\u6237\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u672c\u5730\u8bbf\u95ee\u542f\u7528\u7279\u6743\u5347\u7ea7\u548c/\u6216\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00380.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-17791",
  "openTime": "2021-03-16",
  "patchDescription": "Intel Ethernet 700 Series Controllers\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e700\u7cfb\u5217\u4ee5\u592a\u7f51\u63a7\u5236\u5668\u3002\r\n\r\nIntel(R) Ethernet 700 Series Controllers 7.3\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8bbf\u95ee\u63a7\u5236\u4e0d\u8db3\uff0c\u6709\u7279\u6743\u7684\u7528\u6237\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u672c\u5730\u8bbf\u95ee\u542f\u7528\u7279\u6743\u5347\u7ea7\u548c/\u6216\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Ethernet 700 Series Controllers\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2021-17791\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Intel Intel Ethernet 700 Series Controllers \u003c7.3"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-8692",
  "serverity": "\u4e2d",
  "submitTime": "2020-11-19",
  "title": "Intel Ethernet 700 Series Controllers\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2021-17791\uff09"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-8692 (GCVE-0-2020-8692)

GHSA-XRG7-HHWV-8FC8

VAR-202011-1371

GSD-2020-8692

FKIE_CVE-2020-8692

WID-SEC-W-2024-0479

CNVD-2021-17791

Tags

Sightings

Nomenclature