Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
| Link | Resource |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf | Patch Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20201113-0002/ | Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20201113-0005/ | Third Party Advisory |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
Configuration 19 (hide)
| AND |
|
Configuration 20 (hide)
| AND |
|
Configuration 21 (hide)
| AND |
|
Configuration 22 (hide)
| AND |
|
History
14 Oct 2022, 11:23
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sinumerik_mc_mcu_1720:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_et200sp_1515sp_pc2:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc127e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sinumerik_840d_sl_ht_10_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc127e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sinumerik_828d_hw_pu.4:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sinumerik_one_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_drive_controller_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc667e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sinumerik_one_ncu_1740:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sinumerik_one_ncu_1740_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sinumerik_mc_mcu_1720_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sinumerik_one_ppu_1740_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sinumerik_840d_sl_ht_10:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_drive_controller:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sinumerik_828d_hw_pu.4_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_et200sp_1515sp_pc2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sinumerik_one_ppu_1740:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sinumerik_one:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc667e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:* |
|
| CWE | NVD-CWE-noinfo | |
| First Time |
Siemens sinumerik One Ppu 1740
Siemens simatic Field Pg M5 Firmware Siemens simatic Ipc477e Pro Siemens simatic Ipc667e Siemens simatic Ipc127e Siemens simatic Ipc427e Firmware Siemens simatic Ipc547g Firmware Siemens simatic Field Pg M5 Siemens simatic Ipc847e Siemens simatic Ipc647e Firmware Siemens sinumerik Mc Mcu 1720 Siemens sinumerik One Siemens simatic Ipc547g Siemens simatic Drive Controller Firmware Siemens sinumerik One Ncu 1740 Firmware Siemens simatic Ipc527g Siemens Siemens simatic Drive Controller Siemens sinumerik One Ncu 1740 Siemens simatic Ipc647e Siemens simatic Field Pg M6 Siemens simatic Ipc847e Firmware Siemens sinumerik 828d Hw Pu.4 Siemens simatic Ipc127e Firmware Siemens sinumerik One Firmware Siemens simatic Ipc627e Siemens simatic Itp1000 Firmware Siemens simatic Itp1000 Siemens simatic Et200sp 1515sp Pc2 Firmware Siemens sinumerik Mc Mcu 1720 Firmware Siemens simatic Ipc427e Siemens simatic Ipc627e Firmware Siemens sinumerik 828d Hw Pu.4 Firmware Siemens simatic Field Pg M6 Firmware Siemens sinumerik One Ppu 1740 Firmware Siemens sinumerik 840d Sl Ht 10 Siemens simatic Ipc527g Firmware Siemens simatic Et200sp 1515sp Pc2 Siemens sinumerik 840d Sl Ht 10 Firmware Siemens simatic Ipc667e Firmware Siemens simatic Ipc477e Firmware Siemens simatic Ipc477e |
|
| References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf - Patch, Third Party Advisory |
11 May 2021, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Information
Published : 2020-11-12 18:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-8745
Mitre link : CVE-2020-8745
CVE.ORG link : CVE-2020-8745
JSON object : View
Products Affected
siemens
- simatic_ipc547g_firmware
- simatic_ipc127e_firmware
- simatic_ipc627e_firmware
- simatic_ipc427e_firmware
- sinumerik_one_ncu_1740_firmware
- sinumerik_mc_mcu_1720_firmware
- simatic_ipc627e
- simatic_ipc477e_pro
- sinumerik_one_ppu_1740
- simatic_ipc427e
- simatic_ipc847e_firmware
- simatic_field_pg_m5_firmware
- sinumerik_one_ppu_1740_firmware
- simatic_ipc127e
- simatic_ipc477e_firmware
- sinumerik_840d_sl_ht_10
- simatic_ipc647e
- sinumerik_one
- sinumerik_840d_sl_ht_10_firmware
- simatic_ipc647e_firmware
- simatic_itp1000
- sinumerik_828d_hw_pu.4
- simatic_drive_controller
- simatic_ipc547g
- simatic_field_pg_m6_firmware
- sinumerik_one_ncu_1740
- simatic_ipc527g_firmware
- simatic_field_pg_m5
- sinumerik_mc_mcu_1720
- sinumerik_one_firmware
- simatic_ipc847e
- simatic_itp1000_firmware
- simatic_ipc667e_firmware
- simatic_field_pg_m6
- simatic_ipc667e
- simatic_et200sp_1515sp_pc2_firmware
- simatic_et200sp_1515sp_pc2
- simatic_ipc477e
- simatic_ipc527g
- sinumerik_828d_hw_pu.4_firmware
- simatic_drive_controller_firmware
intel
- trusted_execution_technology
- converged_security_and_manageability_engine
CWE