What is CVE-2020-13799?

CVE-2020-13799 is a medium-severity vulnerability in Trustedfirmware Op-tee, classified under Authentication Bypass by Capture-replay. CVSS score: 6.8/10. Published 2020-11-18.

How severe is CVE-2020-13799?

Medium severity. CVSS v3 base score is 6.8 out of 10.

Vulnerability in Trustedfirmware Op-tee

CVE-2020-13799

Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol…

EPSS: 0.001 (17.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

CWE-294 — Authentication Bypass by Capture-replay

References

cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2020-13799?: CVE-2020-13799 is a medium-severity vulnerability in Trustedfirmware Op-tee, classified under Authentication Bypass by Capture-replay. CVSS score: 6.8/10. Published 2020-11-18.
How severe is CVE-2020-13799?: Medium severity. CVSS v3 base score is 6.8 out of 10.