Strix
26.1K

CVE-2020-8694

MEDIUMCVSS 5.5/10EPSS 0.45%

Last modified

CVE-2020-8694 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.. EPSS estimates a 0.45% chance of exploitation in the next 30 days.

Description

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Metrics

CVSS 3.1
5.5/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Probability
0.45%

35.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
IntelCore I7-8510y FirmwareAll versions
IntelCore I7-8500y FirmwareAll versions
IntelCore I5-8310y FirmwareAll versions
IntelCore I5-8210y FirmwareAll versions
IntelCore I5-8200y FirmwareAll versions
IntelCore M3-8100y FirmwareAll versions
IntelCore I7-7500u FirmwareAll versions
IntelCore I7-7510u FirmwareAll versions
IntelCore I7-7600u FirmwareAll versions
IntelCore I5-7200u FirmwareAll versions
IntelCore I5-7210u FirmwareAll versions
IntelCore I5-7300u FirmwareAll versions
IntelCore I5-7500u FirmwareAll versions
IntelCore I3-7007u FirmwareAll versions
IntelCore I3-7100u FirmwareAll versions
IntelCore I3-7110u FirmwareAll versions
IntelCore I3-7130u FirmwareAll versions
IntelPentium 4415u FirmwareAll versions
IntelCeleron 3865u FirmwareAll versions
IntelCeleron 3965u FirmwareAll versions
IntelCore I7-7560u FirmwareAll versions
IntelCore I7-7567u FirmwareAll versions
IntelCore I7-7660u FirmwareAll versions
IntelCore I5-7260u FirmwareAll versions
IntelCore I5-7267u FirmwareAll versions
IntelCore I5-7287u FirmwareAll versions
IntelCore I5-7360u FirmwareAll versions
IntelCore I3-7367u FirmwareAll versions
IntelCore I7-7y75 FirmwareAll versions
IntelCore I5-7y54 FirmwareAll versions
IntelCore I5-7y57 FirmwareAll versions
IntelCore M3-7y30 FirmwareAll versions
IntelPentium 4410y FirmwareAll versions
IntelPentium 4415y FirmwareAll versions
IntelCeleron 3965y FirmwareAll versions
IntelCore I7-8565u FirmwareAll versions
IntelCore I7-8665u FirmwareAll versions
IntelCore I5-8365u FirmwareAll versions
IntelCore I5-8265u FirmwareAll versions
IntelCore I9-8950hk FirmwareAll versions
IntelCore I7-8700b FirmwareAll versions
IntelCore I7-8750h FirmwareAll versions
IntelCore I7-8850h FirmwareAll versions
IntelCore I5-8300h FirmwareAll versions
IntelCore I5-8400b FirmwareAll versions
IntelCore I5-8400h FirmwareAll versions
IntelCore I5-8500b FirmwareAll versions
IntelCore I7-8670 FirmwareAll versions
IntelCore I7-8670t FirmwareAll versions
IntelCore I7-8700 FirmwareAll versions

Showing 50 of 299 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2020-8694?
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
How severe is CVE-2020-8694?
CVE-2020-8694 has a CVSS score of 5.5/10 (MEDIUM severity). The EPSS model estimates a 0.45% probability of exploitation in the next 30 days.
How do I fix CVE-2020-8694?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-8694?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST