Permissions, Privileges, and Access Controls in Intel products - CVE-2020-12288

 

Permissions, Privileges, and Access Controls in Intel products - CVE-2020-12288

Published: June 15, 2021


Vulnerability identifier: #VU54123
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-12288
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Intel
Affected software:
Intel Thunderbolt DSL5520
Intel Thunderbolt DSL5320
Intel Thunderbolt DSL6340
Intel Thunderbolt DSL6540
Intel Thunderbolt JHL6540
Intel Thunderbolt JHL6340
Intel Thunderbolt JHL6240
Intel Thunderbolt JHL7540
Intel Thunderbolt JHL7340
Intel Thunderbolt JHL7440
Intel Thunderbolt JHL8040R
Intel Thunderbolt JHL8010R
Intel Thunderbolt JHL7040

Detailed vulnerability description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to protection mechanism failure. A local user can cause a denial of service condition on the target system.


How to mitigate CVE-2020-12288

Install updates from vendor's website.

Sources