What is CVE-2020-0526?

CVE-2020-0526 is a medium-severity vulnerability in Intel Compute_stick_stck1a32wfc, classified under Improper Input Validation. CVSS score: 6.7/10. Published 2020-03-12.

How severe is CVE-2020-0526?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Improper input validation in Intel Compute_stick_stck1a32wfc

CVE-2020-0526

Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/w…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.003 (25.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Compute_stick_stck1a32wfc
Intel Compute_stick_stck1a32wfc_firmware — versions stck1a32wfc
Intel Compute_stick_stck1a8lfc
Intel Compute_stick_stck1a8lfc_firmware — versions stck1a8lfc
Intel Compute_stick_stk1a32sc
Intel Compute_stick_stk1a32sc_firmware — versions sc0045
Intel Compute_stick_stk1aw32sc
Intel Compute_stick_stk1aw32sc_firmware — versions sc0045
Intel Compute_stick_stk2m364cc
Intel Compute_stick_stk2m364cc_firmware — versions ccsklm30.86a.0062

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

secure@intel.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2020-0526?: CVE-2020-0526 is a medium-severity vulnerability in Intel Compute_stick_stck1a32wfc, classified under Improper Input Validation. CVSS score: 6.7/10. Published 2020-03-12.
How severe is CVE-2020-0526?: Medium severity. CVSS v3 base score is 6.7 out of 10.