{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA64E7EE-8977-4427-9FF9-DD9FE80F02C6", "versionEndExcluding": "11.8.80", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DDDD0D3-CE11-49C7-93F7-F2AA1053DD86", "versionEndExcluding": "11.12.80", "versionStartIncluding": "11.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A5C4B3E-3C68-4D2B-A181-18A71378362E", "versionEndExcluding": "11.22.80", "versionStartIncluding": "11.22.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB22E6F2-D34F-4A05-9CC2-BCAF3E84F54E", "versionEndExcluding": "12.0.70", "versionStartIncluding": "12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "94D40FF5-8E0A-4591-9CE4-2E671C8E4F2E", "versionEndExcluding": "14.0.45", "versionStartIncluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B323721-380E-4222-AB7A-9993BF8DA653", "versionEndExcluding": "14.5.25", "versionStartIncluding": "14.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:trusted_execution_technology:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF1D6613-FA0F-4859-B45C-A0F86BCF1CF8", "versionEndExcluding": "3.1.80", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:trusted_execution_technology:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4BA87F2-F5DE-44A1-B81A-CE1DB5EAFEFA", "versionEndExcluding": "4.0.30", "versionStartIncluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_drive_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA19F1AE-18D4-43F6-BBAB-225B241042BC", "versionEndExcluding": "05.00.01.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_drive_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "0137C77B-D587-47D6-AEBE-462D00546FD7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_et200sp_1515sp_pc2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FC1D3E4-0B86-4464-96BE-D938B379FDAE", "versionEndExcluding": "0209.0105", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_et200sp_1515sp_pc2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CA8F936-9C3B-46C0-9623-0AF16A4B0294", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5320759-AAAB-4FEA-99AB-51A7F7EE9F58", "versionEndExcluding": "22.01.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*", "matchCriteriaId": "506DEE00-30D2-4E29-9645-757EB8778C0F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "ECC5341D-9982-4F18-9C8D-2912DDB8EF9A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F3C3E60-7C36-4F5D-B454-97C9D0FD9459", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc127e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "161DFB8B-6B7B-4F6D-9452-EF43A70BBE50", "versionEndExcluding": "27.01.05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc127e:-:*:*:*:*:*:*:*", "matchCriteriaId": "F63C0B17-60E2-4240-92FD-4B7C7D8F2C8B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA71050F-CCED-4885-A483-79CC43F6AEC9", "versionEndExcluding": "27.01.05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*", "matchCriteriaId": "A40D0CDB-7BE6-491F-B730-3B4E10CA159A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3CD5B0A-D4B1-41D2-8709-D49D927982FA", "versionEndExcluding": "27.01.05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDF9D4C3-1892-48FA-95B4-835B636A4005", "vulnerable": false}, {"criteria": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "3FC5CE20-7D08-4496-A857-C3A4BD0AB1AC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "65A6E7CD-4AEA-465D-89B3-6EF66E4F17B6", "versionEndExcluding": "1.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:*", "matchCriteriaId": "55156889-E9DA-4F04-B894-339DC39CA942", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FEA68927-4910-4DF3-A16B-7187099CC063", "versionEndExcluding": "r1.30.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EB339B5-602F-4AB5-9998-465FDC6ABD6C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6779ADD8-298D-4FF4-8AD3-82E995B2E144", "versionEndExcluding": "25.02.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D9AF082-8345-4BE1-B1FC-6E0316BB833B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D3BECCA-5783-4B3C-B659-21160B4D2726", "versionEndExcluding": "25.02.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*", "matchCriteriaId": "E430C4C5-D887-47C6-B50F-66EEE9519151", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc667e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6822E36B-D635-498B-9A64-BE427DC798EA", "versionEndExcluding": "25.02.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc667e:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E6BC195-47BB-48A7-8D73-F800B4C11599", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C5CB316-59B9-4DDB-A8B8-14D8BCD991CE", "versionEndExcluding": "25.02.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*", "matchCriteriaId": "1157418C-14C4-43C4-B63E-7E98D868A94F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4ABF49D4-34CE-4DEA-AA2E-A40A53472D1F", "versionEndExcluding": "23.01.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "187C6D51-5B86-484D-AE0F-26D1C9465580", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_828d_hw_pu.4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC13F580-5446-437D-9982-280C80EAE2D3", "versionEndExcluding": "08.00.00.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_828d_hw_pu.4:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C594847-596D-4FA2-B56C-745D0A84EBC9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_mc_mcu_1720_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF3A945B-078B-45C6-9BA3-3C52650095F1", "versionEndExcluding": "05.00.00.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_mc_mcu_1720:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF61B283-76B7-42BB-B88A-EE12EA5AA905", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_one_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4FADF6B2-FFE7-4C4E-BF93-61CAA9368285", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_one:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE30FFDF-5494-400D-8F88-954A6B1503B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_840d_sl_ht_10_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD5F035E-5F72-4E15-BF13-294C3A833BF7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_840d_sl_ht_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "14CED950-F0AB-48D1-9ED8-3357E02AEADE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_one_ncu_1740_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE992410-C477-4901-8B18-8AB866BF11A6", "versionEndExcluding": "04.00.00.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_one_ncu_1740:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0BCDA32-9100-4D88-A304-CE989A16A06D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_one_ppu_1740_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4A4EDCE-6363-43EB-9CE8-11C0BA40E696", "versionEndExcluding": "06.00.00.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_one_ppu_1740:-:*:*:*:*:*:*:*", "matchCriteriaId": "75815DC0-5782-4BD6-A9DD-F0BE33D2F5FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."}, {"lang": "es", "value": "Una administraci\u00f3n de flujo de control insuficiente en el subsistema para Intel\u00ae CSME versiones anteriores a 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 y 14.5.25, Intel\u00ae TXE versiones anteriores a 3.1.80 y 4.0.30, pueden habilitar a un usuario no autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso f\u00edsico"}], "id": "CVE-2020-8745", "lastModified": "2024-11-21T05:39:22.207", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "
[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "
[email protected]", "type": "Primary"}]}, "published": "2020-11-12T18:15:17.300", "references": [{"source": "
[email protected]", "tags": ["Patch", "Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"}, {"source": "
[email protected]", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20201113-0002/"}, {"source": "
[email protected]", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20201113-0005/"}, {"source": "
[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20201113-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20201113-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391"}], "sourceIdentifier": "
[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "
[email protected]", "type": "Primary"}]}