Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf | Third Party Advisory |
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
History
22 Apr 2022, 16:20
Type | Values Removed | Values Added |
---|---|---|
First Time |
Siemens simatic Ipc627e Firmware
Siemens simatic Itp1000 Firmware Siemens Siemens simatic Ipc677e Siemens simatic Ipc847e Siemens simatic Ipc477e Pro Siemens simatic Ipc477e Firmware Siemens simatic Ipc427e Firmware Siemens simatic Ipc847e Firmware Siemens simatic Itp1000 Siemens simatic Ipc527g Siemens simatic Field Pg M6 Firmware Siemens simatic Ipc477e Siemens simatic Field Pg M5 Firmware Siemens simatic Ipc647e Siemens simatic Field Pg M6 Siemens simatic Ipc547g Firmware Siemens simatic Field Pg M5 Siemens simatic Ipc427e Siemens simatic Ipc677e Firmware Siemens simatic Ipc477e Pro Firmware Siemens simatic Ipc647e Firmware Siemens simatic Ipc627e Siemens simatic Ipc547g Siemens simatic Ipc527g Firmware |
|
CPE | cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:* |
|
References |
|
28 Jun 2021, 18:41
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-362 | |
CPE | cpe:2.3:a:intel:local_manageability_service:*:*:*:*:*:*:*:* | |
References | (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.4
v3 : 6.4 |
09 Jun 2021, 19:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-09 19:15
Updated : 2023-12-10 13:55
NVD link : CVE-2020-8704
Mitre link : CVE-2020-8704
CVE.ORG link : CVE-2020-8704
JSON object : View
Products Affected
siemens
- simatic_ipc847e_firmware
- simatic_ipc527g
- simatic_ipc677e_firmware
- simatic_ipc627e
- simatic_ipc427e_firmware
- simatic_field_pg_m5_firmware
- simatic_itp1000_firmware
- simatic_ipc547g
- simatic_itp1000
- simatic_field_pg_m5
- simatic_ipc477e
- simatic_ipc627e_firmware
- simatic_ipc847e
- simatic_ipc547g_firmware
- simatic_ipc477e_firmware
- simatic_field_pg_m6_firmware
- simatic_ipc647e_firmware
- simatic_field_pg_m6
- simatic_ipc477e_pro_firmware
- simatic_ipc427e
- simatic_ipc647e
- simatic_ipc477e_pro
- simatic_ipc527g_firmware
- simatic_ipc677e
intel
- local_manageability_service
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')