CVE-2020-24491

Published: Feb 17, 2021Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.8 / Impact: 3.6

Source: NVD

Description

Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.

Affected (10)

Products: Intel: Core I3, Core I5, Core I7

3 products

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Intel Core I3	Version 1000g1
Intel Core I3	Version 1000g4
Intel Core I3	Version 1005g1
Intel Core I5	Version 1030g4
Intel Core I5	Version 1030g7
Intel Core I5	Version 1035g1
Intel Core I5	Version 1035g4
Intel Core I5	Version 1035g7
Intel Core I7	Version 1060g7
Intel Core I7	Version 1065g7

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00455.html

Source: secure@intel.com

PatchVendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00455.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.