Potential security vulnerabilities in some Intel® Ethernet Controllers may allow denial of service.** **Intel is releasing firmware updates to mitigate these potential vulnerabilities.
CVEID: CVE-2020-24492
Description: Insufficient access control in the firmware for the Intel® 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVEID: CVE-2020-24493
Description: Insufficient access control in the firmware for the Intel® 700-series of Ethernet Controllers before version 8.0 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVEID: CVE-2020-24495
Description: Insufficient access control in the firmware for the Intel® 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVEID: CVE-2020-24498
Description: Buffer overflow in the firmware for Intel® E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVEID: CVE-2020-24494
Description: Insufficient access control in the firmware for the Intel® 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 5.1 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
CVEID: CVE-2020-24497
Description: Insufficient Access Control in the firmware for Intel® E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 5.1 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
CVEID: CVE-2020-24501
Description: Buffer overflow in the firmware for Intel® E810 Ethernet Controllers before version 1.4.1.13 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 3.5 Low
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
CVEID: CVE-2020-24496
Description: Insufficient input validation in the firmware for Intel® 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 3.4 Low
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
CVEID: CVE-2020-24505
Description: Insufficient input validation in the firmware for the Intel® 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 3.4 Low
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
CVEID: CVE-2020-24500
Description: Buffer overflow in the firmware for Intel® E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access.
CVSS Base Score: Low 2.3
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Intel® 700-series Ethernet Controllers before version 7.3.
Intel® 700-series Ethernet Controllers before version 8.0.
Intel® 722 Ethernet Controllers before version 1.4.3.
Intel® E810 Ethernet Controllers before version 1.4.1.13.
Intel recommends updating the Intel® Ethernet Controller firmware to the latest version.
Updates are available for download at this location:
These issues were found internally by Intel employees.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.