// For flags

CVE-2020-8745

 

Severity Score

6.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Una administración de flujo de control insuficiente en el subsistema para Intel® CSME versiones anteriores a 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 y 14.5.25, Intel® TXE versiones anteriores a 3.1.80 y 4.0.30, pueden habilitar a un usuario no autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso físico

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-02-06 CVE Reserved
  • 2020-11-12 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-10-03 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Simatic Drive Controller Firmware
Search vendor "Siemens" for product "Simatic Drive Controller Firmware"
< 05.00.01.00
Search vendor "Siemens" for product "Simatic Drive Controller Firmware" and version " < 05.00.01.00"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Drive Controller
Search vendor "Siemens" for product "Simatic Drive Controller"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200sp 1515sp Pc2 Firmware
Search vendor "Siemens" for product "Simatic Et200sp 1515sp Pc2 Firmware"
< 0209.0105
Search vendor "Siemens" for product "Simatic Et200sp 1515sp Pc2 Firmware" and version " < 0209.0105"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200sp 1515sp Pc2
Search vendor "Siemens" for product "Simatic Et200sp 1515sp Pc2"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Field Pg M5 Firmware
Search vendor "Siemens" for product "Simatic Field Pg M5 Firmware"
< 22.01.08
Search vendor "Siemens" for product "Simatic Field Pg M5 Firmware" and version " < 22.01.08"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Field Pg M5
Search vendor "Siemens" for product "Simatic Field Pg M5"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Field Pg M6 Firmware
Search vendor "Siemens" for product "Simatic Field Pg M6 Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Field Pg M6
Search vendor "Siemens" for product "Simatic Field Pg M6"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc127e Firmware
Search vendor "Siemens" for product "Simatic Ipc127e Firmware"
< 27.01.05
Search vendor "Siemens" for product "Simatic Ipc127e Firmware" and version " < 27.01.05"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc127e
Search vendor "Siemens" for product "Simatic Ipc127e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc427e Firmware
Search vendor "Siemens" for product "Simatic Ipc427e Firmware"
< 27.01.05
Search vendor "Siemens" for product "Simatic Ipc427e Firmware" and version " < 27.01.05"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc427e
Search vendor "Siemens" for product "Simatic Ipc427e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc477e Firmware
Search vendor "Siemens" for product "Simatic Ipc477e Firmware"
< 27.01.05
Search vendor "Siemens" for product "Simatic Ipc477e Firmware" and version " < 27.01.05"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc477e
Search vendor "Siemens" for product "Simatic Ipc477e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc477e Firmware
Search vendor "Siemens" for product "Simatic Ipc477e Firmware"
< 27.01.05
Search vendor "Siemens" for product "Simatic Ipc477e Firmware" and version " < 27.01.05"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc477e Pro
Search vendor "Siemens" for product "Simatic Ipc477e Pro"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc527g Firmware
Search vendor "Siemens" for product "Simatic Ipc527g Firmware"
< 1.4.0
Search vendor "Siemens" for product "Simatic Ipc527g Firmware" and version " < 1.4.0"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc527g
Search vendor "Siemens" for product "Simatic Ipc527g"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc547g Firmware
Search vendor "Siemens" for product "Simatic Ipc547g Firmware"
< r1.30.0
Search vendor "Siemens" for product "Simatic Ipc547g Firmware" and version " < r1.30.0"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc547g
Search vendor "Siemens" for product "Simatic Ipc547g"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc627e Firmware
Search vendor "Siemens" for product "Simatic Ipc627e Firmware"
< 25.02.08
Search vendor "Siemens" for product "Simatic Ipc627e Firmware" and version " < 25.02.08"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc627e
Search vendor "Siemens" for product "Simatic Ipc627e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc647e Firmware
Search vendor "Siemens" for product "Simatic Ipc647e Firmware"
< 25.02.08
Search vendor "Siemens" for product "Simatic Ipc647e Firmware" and version " < 25.02.08"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc647e
Search vendor "Siemens" for product "Simatic Ipc647e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc667e Firmware
Search vendor "Siemens" for product "Simatic Ipc667e Firmware"
< 25.02.08
Search vendor "Siemens" for product "Simatic Ipc667e Firmware" and version " < 25.02.08"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc667e
Search vendor "Siemens" for product "Simatic Ipc667e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc847e Firmware
Search vendor "Siemens" for product "Simatic Ipc847e Firmware"
< 25.02.08
Search vendor "Siemens" for product "Simatic Ipc847e Firmware" and version " < 25.02.08"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc847e
Search vendor "Siemens" for product "Simatic Ipc847e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Itp1000 Firmware
Search vendor "Siemens" for product "Simatic Itp1000 Firmware"
< 23.01.08
Search vendor "Siemens" for product "Simatic Itp1000 Firmware" and version " < 23.01.08"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Itp1000
Search vendor "Siemens" for product "Simatic Itp1000"
--
Safe
Siemens
Search vendor "Siemens"
Sinumerik 828d Hw Pu.4 Firmware
Search vendor "Siemens" for product "Sinumerik 828d Hw Pu.4 Firmware"
< 08.00.00.00
Search vendor "Siemens" for product "Sinumerik 828d Hw Pu.4 Firmware" and version " < 08.00.00.00"
-
Affected
in Siemens
Search vendor "Siemens"
Sinumerik 828d Hw Pu.4
Search vendor "Siemens" for product "Sinumerik 828d Hw Pu.4"
--
Safe
Siemens
Search vendor "Siemens"
Sinumerik Mc Mcu 1720 Firmware
Search vendor "Siemens" for product "Sinumerik Mc Mcu 1720 Firmware"
< 05.00.00.00
Search vendor "Siemens" for product "Sinumerik Mc Mcu 1720 Firmware" and version " < 05.00.00.00"
-
Affected
in Siemens
Search vendor "Siemens"
Sinumerik Mc Mcu 1720
Search vendor "Siemens" for product "Sinumerik Mc Mcu 1720"
--
Safe
Siemens
Search vendor "Siemens"
Sinumerik One Firmware
Search vendor "Siemens" for product "Sinumerik One Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Sinumerik One
Search vendor "Siemens" for product "Sinumerik One"
--
Safe
Siemens
Search vendor "Siemens"
Sinumerik 840d Sl Ht 10 Firmware
Search vendor "Siemens" for product "Sinumerik 840d Sl Ht 10 Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Sinumerik 840d Sl Ht 10
Search vendor "Siemens" for product "Sinumerik 840d Sl Ht 10"
--
Safe
Siemens
Search vendor "Siemens"
Sinumerik One Ncu 1740 Firmware
Search vendor "Siemens" for product "Sinumerik One Ncu 1740 Firmware"
< 04.00.00.00
Search vendor "Siemens" for product "Sinumerik One Ncu 1740 Firmware" and version " < 04.00.00.00"
-
Affected
in Siemens
Search vendor "Siemens"
Sinumerik One Ncu 1740
Search vendor "Siemens" for product "Sinumerik One Ncu 1740"
--
Safe
Siemens
Search vendor "Siemens"
Sinumerik One Ppu 1740 Firmware
Search vendor "Siemens" for product "Sinumerik One Ppu 1740 Firmware"
< 06.00.00.00
Search vendor "Siemens" for product "Sinumerik One Ppu 1740 Firmware" and version " < 06.00.00.00"
-
Affected
in Siemens
Search vendor "Siemens"
Sinumerik One Ppu 1740
Search vendor "Siemens" for product "Sinumerik One Ppu 1740"
--
Safe
Intel
Search vendor "Intel"
Converged Security And Manageability Engine
Search vendor "Intel" for product "Converged Security And Manageability Engine"
< 11.8.80
Search vendor "Intel" for product "Converged Security And Manageability Engine" and version " < 11.8.80"
-
Affected
Intel
Search vendor "Intel"
Converged Security And Manageability Engine
Search vendor "Intel" for product "Converged Security And Manageability Engine"
>= 11.12.0 < 11.12.80
Search vendor "Intel" for product "Converged Security And Manageability Engine" and version " >= 11.12.0 < 11.12.80"
-
Affected
Intel
Search vendor "Intel"
Converged Security And Manageability Engine
Search vendor "Intel" for product "Converged Security And Manageability Engine"
>= 11.22.0 < 11.22.80
Search vendor "Intel" for product "Converged Security And Manageability Engine" and version " >= 11.22.0 < 11.22.80"
-
Affected
Intel
Search vendor "Intel"
Converged Security And Manageability Engine
Search vendor "Intel" for product "Converged Security And Manageability Engine"
>= 12.0 < 12.0.70
Search vendor "Intel" for product "Converged Security And Manageability Engine" and version " >= 12.0 < 12.0.70"
-
Affected
Intel
Search vendor "Intel"
Converged Security And Manageability Engine
Search vendor "Intel" for product "Converged Security And Manageability Engine"
>= 14.0 < 14.0.45
Search vendor "Intel" for product "Converged Security And Manageability Engine" and version " >= 14.0 < 14.0.45"
-
Affected
Intel
Search vendor "Intel"
Converged Security And Manageability Engine
Search vendor "Intel" for product "Converged Security And Manageability Engine"
>= 14.5.0 < 14.5.25
Search vendor "Intel" for product "Converged Security And Manageability Engine" and version " >= 14.5.0 < 14.5.25"
-
Affected
Intel
Search vendor "Intel"
Trusted Execution Technology
Search vendor "Intel" for product "Trusted Execution Technology"
< 3.1.80
Search vendor "Intel" for product "Trusted Execution Technology" and version " < 3.1.80"
-
Affected
Intel
Search vendor "Intel"
Trusted Execution Technology
Search vendor "Intel" for product "Trusted Execution Technology"
>= 4.0 < 4.0.30
Search vendor "Intel" for product "Trusted Execution Technology" and version " >= 4.0 < 4.0.30"
-
Affected