What is CVE-2020-8672?

CVE-2020-8672 is a high-severity vulnerability in Intel Bios, classified under Out-of-bounds Read. CVSS score: 7.8/10. Published 2021-02-02.

How severe is CVE-2020-8672?

High severity. CVSS v3 base score is 7.8 out of 10.

Out-of-bounds Read in Intel Bios

CVE-2020-8672

Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of privilege or denial of service via loca…

Vulnerability class: Buffer Overflow

EPSS: 0.003 (25.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Bios
Intel Celeron_4205u
Intel Celeron_4305u
Intel Celeron_4305ue
Intel Core_i3_8100
Intel Core_i3_8100f
Intel Core_i3_8100t
Intel Core_i3_8300
Intel Core_i3_8300t
Intel Core_i3_8350k

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

secure@intel.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2020-8672?: CVE-2020-8672 is a high-severity vulnerability in Intel Bios, classified under Out-of-bounds Read. CVSS score: 7.8/10. Published 2021-02-02.
How severe is CVE-2020-8672?: High severity. CVSS v3 base score is 7.8 out of 10.