#VU54119 Resource exhaustion in Intel products - CVE-2020-12296
Published: June 15, 2021
Vulnerability identifier: #VU54119
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-12296
CWE-ID: CWE-400
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Intel Thunderbolt DSL5520
Intel Thunderbolt DSL5320
Intel Thunderbolt DSL6340
Intel Thunderbolt DSL6540
Intel Thunderbolt JHL6540
Intel Thunderbolt JHL6340
Intel Thunderbolt JHL6240
Intel Thunderbolt JHL7540
Intel Thunderbolt JHL7340
Intel Thunderbolt JHL7440
Intel Thunderbolt JHL8040R
Intel Thunderbolt JHL8010R
Intel Thunderbolt JHL7040
Intel Thunderbolt DSL5520
Intel Thunderbolt DSL5320
Intel Thunderbolt DSL6340
Intel Thunderbolt DSL6540
Intel Thunderbolt JHL6540
Intel Thunderbolt JHL6340
Intel Thunderbolt JHL6240
Intel Thunderbolt JHL7540
Intel Thunderbolt JHL7340
Intel Thunderbolt JHL7440
Intel Thunderbolt JHL8040R
Intel Thunderbolt JHL8010R
Intel Thunderbolt JHL7040
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.