Vulnerability Description
Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Open Webrtc Toolkit | < 4.3.1 |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00424PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00424PatchVendor Advisory
FAQ
What is CVE-2020-12338?
CVE-2020-12338 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
How severe is CVE-2020-12338?
CVE-2020-12338 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-12338?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Open Webrtc Toolkit.