Vulnerability Description
Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Ssd Pro 6000P Firmware | < psf131p |
| Intel | Ssd Pro 6000P | - |
| Intel | Ssd Pro 5450S Firmware | < lhf005p |
| Intel | Ssd Pro 5450S | - |
| Intel | Ssd E 5100S Firmware | < lhf004e |
| Intel | Ssd E 5100S | - |
| Intel | Ssd Pro 5400S Firmware | < lbf017p |
| Intel | Ssd Pro 5400S | - |
| Intel | Ssd Pro 7600P Firmware | < 005p |
| Intel | Ssd Pro 7600P | - |
| Intel | Ssd 760P Firmware | < 005c |
| Intel | Ssd 760P | - |
| Intel | Ssd E 6100P Firmware | < 005e |
| Intel | Ssd E 6100P | - |
| Intel | Ssd 660P Firmware | < 004c |
| Intel | Ssd 660P | - |
| Intel | Optane Ssd 905P Firmware | < e2010480 |
| Intel | Optane Ssd 905P | - |
| Intel | Optane Ssd 900P Firmware | < e2010480 |
| Intel | Optane Ssd 900P | - |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362Vendor Advisory
FAQ
What is CVE-2020-12311?
CVE-2020-12311 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physi...
How severe is CVE-2020-12311?
CVE-2020-12311 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-12311?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Ssd Pro 6000P Firmware, Intel Ssd Pro 6000P, Intel Ssd Pro 5450S Firmware, Intel Ssd Pro 5450S, Intel Ssd E 5100S Firmware.