Vulnerability Details : CVE-2020-0590
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
Vulnerability category: Input validation
Products affected by CVE-2020-0590
- cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_9222_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_9221_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6234_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8153_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8156_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8158_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8176_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8160_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8164_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8168_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8170_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8180_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8160t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8160f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8176f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6210u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6212u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6209u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5122_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6138_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6148_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5120t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6136_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6150_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6152_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6130_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6128_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5118_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6134_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6126_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5120_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5115_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6154_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6140_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6132_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6138t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6142f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6130t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6138f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6130f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6126t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6126f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6148f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6146_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6144_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4116_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4109t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4114_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4112_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4108_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4110_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6142_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6138p_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5119t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4116t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4114t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6208u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6226r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6242r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6246r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6248r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6250_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6250l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6256_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6258r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4210r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4210t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4214r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4215r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:fas\/aff_bios:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-0590
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 10 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-0590
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2020-0590
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-0590
-
https://security.netapp.com/advisory/ntap-20201113-0001/
Third Party Advisory
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00358
INTEL-SA-00358Vendor Advisory
-
https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf
Patch;Third Party Advisory
Jump to