CVE-2020-12333

Published: Nov 12, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (1)

Products: Intel: Quickassist Technology

Intel

1 product

Quickassist Technology

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Quickassist Technology	Before 1.7.l.4.10.0

Related CWEs

CWE-522

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00420

Source: secure@intel.com

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00420

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.