Vulnerability Details : CVE-2020-24457
Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
Vulnerability category: Denial of serviceInformation leak
Products affected by CVE-2020-24457
- cpe:2.3:o:intel:pentium_silver_j5005_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:pentium_silver_n5000_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10510u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10510y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10710u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-1065g7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8086k_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7\+8700_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8665ue_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8665u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8557u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8850h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8700t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8700k_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8700b_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8700_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-8569u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i9-9980hk_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i9-9880h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i9-9900t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i9-9900ks_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i9-9900kf_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i9-9900k_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i9-9900_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-1060g7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:pentium_silver_j5040_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10875h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10850h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10810u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10750h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10700te_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10700t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10700kf_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10700k_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10700f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10700e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10700_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10610u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-1068ng7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:core_i7-10870h_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-24457
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 27 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-24457
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
7.6
|
HIGH | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
0.9
|
6.0
|
NIST |
References for CVE-2020-24457
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.html
INTEL-SA-00347Vendor Advisory
Jump to