Home > 详细页 > 安全公告详细

Security Notice - Statement On intel-sa-00295

  • Initial Release Date 2020-07-02 17:52:06
  • last Release Date 2020-07-02 17:52:06
Vulnerability Summary

Potential security vulnerabilities in Intel Converged Security and Manageability Engine (CSME), Intel Server Platform Services (SPS), Intel Trusted Execution Engine (TXE), Intel Active Management Technology (AMT), Intel Standard Manageability (ISM) and Intel Dynamic Application Loader (DAL) may allow escalation of privilege, denial of service or information disclosure.  Intel is releasing firmware and software updates to mitigate these potential vulnerabilities.

Product Impact
CVE CVSS Affected Products
CVE-2020-0594 CVSS Base Score: 9.8 Critical
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
none
CVE-2020-0595 CVSS Base Score: 9.8 Critical
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
none
CVE-2020-0586 CVSS Base Score: 8.4 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
none
CVE-2020-0542 CVSS Base Score: 7.8 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
none
CVE-2020-0596 CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
none
CVE-2020-0538 CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
none
CVE-2020-0534 CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
none
CVE-2020-0533 CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
none
CVE-2020-0566 CVSS Base Score: 7.3 High
CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
none
CVE-2020-0532 CVSS Base Score: 7.1 High
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
none
CVE-2020-0541 CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
none
CVE-2020-0597 CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
none
CVE-2020-0531 CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
none
CVE-2020-0535 CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
none
CVE-2020-0540 CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
none
CVE-2020-0536 CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
none
CVE-2020-0537 CVSS Base Score: 4.9 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
none
CVE-2020-0545 CVSS Base Score: 4.4 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
server M5
CVE-2020-8674 CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
none
CVE-2020-0539 CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
none

Resource

intel-sa-00295:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html 

Revision History

2020-07-02 V1.0 INITIAL

Declaration

Inspur shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, Inspur disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement. In no event shall Inspur or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Inspur is entitled to amend or update this document from time to time.