CVE-2020-24513

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html

https://www.debian.org/security/2021/dsa-4934

https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html

Details

Source: MITRE

Published: 2021-06-09

Updated: 2021-08-10

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Impact Score: 4

Exploitability Score: 2

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:h:intel:atom_c3308:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3336:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3338:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3338r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3436l:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3508:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3538:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3558:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3558r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3558rc:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3708:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3750:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3758:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3808:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3850:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3858:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3830:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3950:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3955:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3958:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-a3930:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-a3940:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_c3758r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-a3950:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-a3960:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_p5942b:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_j6425:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:p5931b:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:p5962b:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:p5921b:-:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
154545NewStart CGSL CORE 5.04 / MAIN 5.04 : microcode_ctl Multiple Vulnerabilities (NS-SA-2021-0113)NessusNewStart CGSL Local Security Checks
high
152078Debian DLA-2718-1 : intel-microcode - LTS security updateNessusDebian Local Security Checks
high
151708openSUSE 15 Security Update : ucode-intel (openSUSE-SU-2021:1933-1)NessusSuSE Local Security Checks
high
151217Oracle Linux 8 : microcode_ctl (ELSA-2021-2308)NessusOracle Linux Local Security Checks
high
151127SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2021:14758-1)NessusSuSE Local Security Checks
high
151073openSUSE 15 Security Update : ucode-intel (openSUSE-SU-2021:0876-1)NessusSuSE Local Security Checks
critical
151037Debian DSA-4934-1 : intel-microcode - security updateNessusDebian Local Security Checks
high
150831CentOS 8 : microcode_ctl (CESA-2021:2308)NessusCentOS Local Security Checks
high
150829RHEL 7 : microcode_ctl (RHSA-2021:2300)NessusRed Hat Local Security Checks
high
150810RHEL 8 : microcode_ctl (RHSA-2021:2308)NessusRed Hat Local Security Checks
high
150808RHEL 8 : microcode_ctl (RHSA-2021:2306)NessusRed Hat Local Security Checks
high
150761Scientific Linux Security Update : microcode_ctl on SL7.x x86_64 (2021:2305)NessusScientific Linux Local Security Checks
high
150745SUSE SLES15 Security Update : ucode-intel (SUSE-SU-2021:1932-1)NessusSuSE Local Security Checks
critical
150740SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2021:1930-1)NessusSuSE Local Security Checks
critical
150737SUSE SLES15 Security Update : ucode-intel (SUSE-SU-2021:1931-1)NessusSuSE Local Security Checks
critical
150731SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2021:1933-1)NessusSuSE Local Security Checks
critical
150726SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2021:1929-1)NessusSuSE Local Security Checks
critical
150693Oracle Linux 7 : microcode_ctl (ELSA-2021-2305)NessusOracle Linux Local Security Checks
high
150394Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : Intel Microcode vulnerabilities (USN-4985-1)NessusUbuntu Local Security Checks
critical
150393RHEL 7 : microcode_ctl (RHSA-2021:2304)NessusRed Hat Local Security Checks
high
150392RHEL 7 : microcode_ctl (RHSA-2021:2301)NessusRed Hat Local Security Checks
high
150391RHEL 8 : microcode_ctl (RHSA-2021:2307)NessusRed Hat Local Security Checks
high
150390RHEL 7 : microcode_ctl (RHSA-2021:2303)NessusRed Hat Local Security Checks
high
150389RHEL 7 : microcode_ctl (RHSA-2021:2302)NessusRed Hat Local Security Checks
high
150388RHEL 7 : microcode_ctl (RHSA-2021:2305)NessusRed Hat Local Security Checks
high