How severe is CVE-2020-8751?

Medium severity. CVSS v3 base score is 4.6 out of 10.

Vulnerability in Intel Converged_security_and_manageability_engine

CVE-2020-8751

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access.

EPSS: 0.004 (32.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.6 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Intel Converged_security_and_manageability_engine
Intel Trusted_execution_technology
N/a Intel(r) Csme, Txe — versions versions before 11.8.80, Intel(R) TXE versions before 3.1.80

References

secure@intel.com (x_refsource_MISC, Vendor Advisory)
secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)
secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)

Frequently asked questions

What is CVE-2020-8751?: CVE-2020-8751 is a medium-severity vulnerability in Intel Converged_security_and_manageability_engine. CVSS score: 4.6/10. Published 2020-11-12.
How severe is CVE-2020-8751?: Medium severity. CVSS v3 base score is 4.6 out of 10.