Main Vulnerability Database Vulnerabilities #VU48440

#VU48440 Buffer overflow in Intel Quartus Prime Pro - CVE-2020-8737

Published: November 12, 2020 / Updated: November 16, 2020

Vulnerability identifier: #VU48440

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-8737

CWE-ID: CWE-119

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Intel Quartus Prime Pro

Software vendor:
Intel

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to a boundary error in the Intel Stratix 10 FPGA firmware. An attacker with physical access can trigger memory corruption and enable escalation of privilege or information disclosure.

Remediation

Install updates from vendor's website.

External links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00388

#VU48440 Buffer overflow in Intel Quartus Prime Pro - CVE-2020-8737

Description

Remediation

External links

Please verify you're human