CVE-2020-8705

MEDIUM Year: 2020
CVSS v3 Score
6.8
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-1188
View all →

Vulnerability Description

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.

Related Vulnerabilities

CVE-2020-11915

MEDIUM
CVSS:6.8(Medium)

An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cgi?telnetd=1&save=1&reboot=1 request to the webserver, it is possible to enable the telnet interface ...

CWE-11882020

CVE-2025-2442

MEDIUM
CVSS:6.8(Medium)

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could potentially lead to unauthorized access which could result in the loss of confidentially, integrity and ...

CWE-11882025

CVE-2025-46599

MEDIUM
CVSS:6.8(Medium)

CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default beha...

CWE-11882025

CVE-2021-0114

MEDIUM
CVSS:6.7(Medium)

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CWE-11882021

CVE-2021-0144

MEDIUM
CVSS:6.7(Medium)

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.

CWE-11882021

CVE-2023-48733

MEDIUM
CVSS:6.7(Medium)

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.

CWE-11882023