MEDIUM✓ PATCH🇬🇧 English

CVE-2020-12355

CVSS 6.8v3.1pub. 2020-11-12upd. 2025-11-04

Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Intel Trusted Execution Engine

    OS
    Intel
    < 4.0.30
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2020-8744HIGH7.8ten sam produkt

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and ...

CVE-2020-8750HIGH7.8ten sam produkt

Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authentic...

CVE-2020-0545MEDIUM4.4ten sam produkt

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE v...

CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...

CVE-2021-44228CRITICAL10.0⚠ KEVten sam vendor

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...