siemens

simatic_ipc547g_firmware

12 known vulnerabilities · sorted by CVSS score

CVE-2020-12360

Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

intel / bios+10

Local

Published Jun 9, 2021

CVE-2020-0590

HIGH7.8

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

intel / xeon_bronze_3206r_firmware+136

Local

Published Nov 12, 2020

CVE-2020-8745

MEDIUM6.8

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

intel / converged_security_and_manageability_engine+27

Physical

Published Nov 12, 2020

CVE-2020-12357

MEDIUM6.7

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

intel / bios+18

Local

Published Jun 9, 2021

CVE-2020-8703

MEDIUM6.7

Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

intel / converged_security_and_manageability_engine+21

Local

Published Jun 9, 2021

CVE-2020-8704

MEDIUM6.4

Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.

intel / local_manageability_service+12

Local

Published Jun 9, 2021

CVE-2020-8670

MEDIUM6.4

Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

intel / bios+17

Local

Published Jun 9, 2021

CVE-2020-0543

MEDIUM5.5

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

intel / core_i7-6660u+701

Local

Published Jun 15, 2020

CVE-2018-3639

MEDIUM5.5

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

intel / atom_c+625

Local

Published May 22, 2018

CVE-2020-24486

MEDIUM5.5

Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.

intel / bios+8

Local

Published Jun 9, 2021

CVE-2020-12358

MEDIUM4.4

Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.

intel / bios+8

Local

Published Jun 9, 2021

CVE-2020-24507

MEDIUM4.4

Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.

intel / converged_security_and_manageability_engine+21

Local

Published Jun 9, 2021