CVE-2020-24507
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/06/2021
Last modified:
22/04/2022
Description
Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.
Impact
Base Score 3.x
4.40
Severity 3.x
MEDIUM
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:* | 12.0.81 (excluding) | |
| cpe:2.3:h:intel:b360:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:b365:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:c242:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:c246:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:celeron_4205u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:celeron_4305u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:celeron_4305ue:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i3-8121u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page