1. Home
  2. CVE Database
  3. CVE-2020-24516
MEDIUM · 6.8

CVE-2020-24516

Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of ...

Vulnerability Description

Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
IntelConverged Security And Manageability Engine< 13.0.47
IntelCore I3-1000G1-
IntelCore I3-1000G4-
IntelCore I3-1000Ng4-
IntelCore I3-1005G1-
IntelCore I3-10100-
IntelCore I3-10100E-
IntelCore I3-10100F-
IntelCore I3-10100T-
IntelCore I3-10100Te-
IntelCore I3-10100Y-
IntelCore I3-10105-
IntelCore I3-10105F-
IntelCore I3-10105T-
IntelCore I3-10110U-
IntelCore I3-10110Y-
IntelCore I3-10300-
IntelCore I3-10300T-
IntelCore I3-10305-
IntelCore I3-10305T-

References

FAQ

What is CVE-2020-24516?

CVE-2020-24516 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of ...

How severe is CVE-2020-24516?

CVE-2020-24516 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-24516?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Converged Security And Manageability Engine, Intel Core I3-1000G1, Intel Core I3-1000G4, Intel Core I3-1000Ng4, Intel Core I3-1005G1.