What is CVE-2020-0530?

CVE-2020-0530 is a high-severity vulnerability in Intel Compute_stick_stck1a32wfc, classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 7.8/10. Published 2020-03-12.

How severe is CVE-2020-0530?

High severity. CVSS v3 base score is 7.8 out of 10.

Buffer overflow in Intel Compute_stick_stck1a32wfc

CVE-2020-0530

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/co…

Vulnerability class: Buffer Overflow

EPSS: 0.003 (25.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Compute_stick_stck1a32wfc
Intel Compute_stick_stck1a32wfc_firmware — versions stck1a32wfc
Intel Compute_stick_stck1a8lfc
Intel Compute_stick_stck1a8lfc_firmware — versions stck1a8lfc
Intel Compute_stick_stk1a32sc
Intel Compute_stick_stk1a32sc_firmware — versions sc0045
Intel Compute_stick_stk1aw32sc
Intel Compute_stick_stk1aw32sc_firmware — versions sc0045
Intel Compute_stick_stk2m364cc
Intel Compute_stick_stk2m364cc_firmware — versions ccsklm30.86a.0062

Weakness classification (CWE)

CWE-120 — Buffer Copy without Checking Size of Input (Classic Buffer Overflow)

References

secure@intel.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2020-0530?: CVE-2020-0530 is a high-severity vulnerability in Intel Compute_stick_stck1a32wfc, classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 7.8/10. Published 2020-03-12.
How severe is CVE-2020-0530?: High severity. CVSS v3 base score is 7.8 out of 10.