CVE-2020-8705 Security Vulnerability & Exploit Details

CVE-2020-8705
Vulnerability Scoring

6.8

/10

Attack Complexity Details

Attack Complexity: Low Impact
Attack Vector: PHYSICAL
Privileges Required: None
Scope: UNCHANGED
User Interaction: NONE

CIA Impact Definition

Confidentiality: HIGH IMPACT
Integrity: HIGH IMPACT
Availability: HIGH IMPACT

CVE-2020-8705 Vulnerability Summary

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.

Access Complexity Graph for CVE-2020-8705

Impact Analysis for CVE-2020-8705

CVE-2020-8705 Detailed Information and External References

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

0.00200

EPSS %

0.58305

References

CWE

CWE-1188

CAPEC

Exploitation of Thunderbolt Protection Flaws CAPEC-665 An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.

Vulnerable Configurations

cpe:2.3:a:intel:converged_security_and_manageability_engine:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:converged_security_and_manageability_engine:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:converged_security_and_manageability_engine:13.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:converged_security_and_manageability_engine:13.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:converged_security_and_manageability_engine:13.30.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:converged_security_and_manageability_engine:13.30.0:*:*:*:*:*:*:*
cpe:2.3:a:intel:trusted_execution_technology:3.1.80:*:*:*:*:*:*:*
cpe:2.3:a:intel:trusted_execution_technology:3.1.80:*:*:*:*:*:*:*
cpe:2.3:a:intel:trusted_execution_technology:4.0.30:*:*:*:*:*:*:*
cpe:2.3:a:intel:trusted_execution_technology:4.0.30:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e3_04.01.04.200:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e3_04.01.04.200:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e5_04.01.04.400:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_e5_04.01.04.400:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_soc-a_04.00.04.300:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_soc-a_04.00.04.300:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_soc-x_04.00.04.200:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_platform_services:sps_soc-x_04.00.04.200:*:*:*:*:*:*:*

CVSS3 Source

nvd@nist.gov

CVSS3 Type

Primary

CVSS3 Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Protect Your Infrastructure: Combat Critical CVE Threats

Stay updated with real-time CVE vulnerabilities and take action to secure your systems. Enhance your cybersecurity posture with the latest threat intelligence and mitigation techniques. Develop the skills necessary to defend against CVEs and secure critical infrastructures. Join the top cybersecurity professionals safeguarding today's infrastructures.

Recently Published CVEs

CVE-2025-1381 – A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. This affects an unknown ...
CVE-2025-1380 – A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of...
CVE-2025-1379 – A vulnerability has been found in code-projects Real Estate Property Management System 1.0 and classified as critical. Affected by this vulnerabili...
CVE-2025-1378 – A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/r...
CVE-2024-47935 – Improper Validation of Integrity Check Value vulnerability in TXOne Networks StellarProtect (Legacy Mode), StellarEnforce, and Safe Lock allows an ...
CVE-2024-13726 – The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action ...
CVE-2024-13627 – The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a R...
CVE-2024-13626 – The VR-Frases (collect & share quotes) WordPress plugin through 3.0.1 does not sanitise and escape a parameter before outputting it back in the pag...
CVE-2024-13625 – The Tube Video Ads Lite WordPress plugin through 1.5.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a...
CVE-2024-13608 – The Track Logins WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perfo...

CVE-2020-8705 Vulnerability Analysis & Exploit Details

CVE-2020-8705 Vulnerability Scoring