Vulnerability Description
Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Core I7-8665Ue Firmware | - |
| Intel | Core I7-8665Ue | - |
| Intel | Core I7-8665U Firmware | - |
| Intel | Core I7-8665U | - |
| Intel | Core I7-8557U Firmware | - |
| Intel | Core I7-8557U | - |
| Intel | Core I7-8850H Firmware | - |
| Intel | Core I7-8850H | - |
| Intel | Core I7-8809G Firmware | - |
| Intel | Core I7-8809G | - |
| Intel | Core I7-8750H Firmware | - |
| Intel | Core I7-8750H | - |
| Intel | Core I7-8709G Firmware | - |
| Intel | Core I7-8709G | - |
| Intel | Core I7-8706G Firmware | - |
| Intel | Core I7-8706G | - |
| Intel | Core I7-8705G Firmware | - |
| Intel | Core I7-8705G | - |
| Intel | Core I7-8700T Firmware | - |
| Intel | Core I7-8700T | - |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.Vendor Advisory
FAQ
What is CVE-2020-24457?
CVE-2020-24457 is a vulnerability with a CVSS score of 7.6 (HIGH). Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or inf...
How severe is CVE-2020-24457?
CVE-2020-24457 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-24457?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Core I7-8665Ue Firmware, Intel Core I7-8665Ue, Intel Core I7-8665U Firmware, Intel Core I7-8665U, Intel Core I7-8557U Firmware.