Vulnerability Description
Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Ssd Pro 6000P Firmware | < psf131p |
| Intel | Ssd Pro 6000P | - |
| Intel | Ssd Pro 5450S Firmware | < lhf005p |
| Intel | Ssd Pro 5450S | - |
| Intel | Ssd E 5100S Firmware | < lhf004e |
| Intel | Ssd E 5100S | - |
| Intel | Ssd Pro 5400S Firmware | < lbf017p |
| Intel | Ssd Pro 5400S | - |
| Intel | Ssd Pro 7600P Firmware | < 005p |
| Intel | Ssd Pro 7600P | - |
| Intel | Ssd 760P Firmware | < 005c |
| Intel | Ssd 760P | - |
| Intel | Ssd E 6100P Firmware | < 005e |
| Intel | Ssd E 6100P | - |
| Intel | Ssd 660P Firmware | < 004c |
| Intel | Ssd 660P | - |
| Intel | Optane Ssd 905P Firmware | < e2010480 |
| Intel | Optane Ssd 905P | - |
| Intel | Optane Ssd 900P Firmware | < e2010480 |
| Intel | Optane Ssd 900P | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362Vendor Advisory
FAQ
What is CVE-2020-12309?
CVE-2020-12309 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via phys...
How severe is CVE-2020-12309?
CVE-2020-12309 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-12309?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Ssd Pro 6000P Firmware, Intel Ssd Pro 6000P, Intel Ssd Pro 5450S Firmware, Intel Ssd Pro 5450S, Intel Ssd E 5100S Firmware.