Buffer overflow in Intel Compute_module_hns2600bpb
CVE-2020-8732
Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Vulnerability class: Buffer Overflow
EPSS: 0.007 (48.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Intel Compute_module_hns2600bpb
- Intel Compute_module_hns2600bpb24
- Intel Compute_module_hns2600bpb24r
- Intel Compute_module_hns2600bpblc
- Intel Compute_module_hns2600bpblc24
- Intel Compute_module_hns2600bpblc24r
- Intel Compute_module_hns2600bpblcr
- Intel Compute_module_hns2600bpbr
- Intel Compute_module_hns2600bp_firmware
- Intel Compute_module_hns2600bpq
Weakness classification (CWE)
References
- secure@intel.com (x_refsource_MISC, Vendor Advisory)
- secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)
Frequently asked questions
- What is CVE-2020-8732?
- CVE-2020-8732 is a high-severity vulnerability in Intel Compute_module_hns2600bpb, classified under Out-of-bounds Write. CVSS score: 8.8/10. Published 2020-08-13.
- How severe is CVE-2020-8732?
- High severity. CVSS v3 base score is 8.8 out of 10.