A potential security vulnerability in multiple Intel® processors may allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability.
Description: Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.
CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2nd Generation Intel® Xeon® Scalable Processor
Intel® Xeon® Scalable Processor
Intel® Xeon® D Processors
Intel® Xeon® W Processors
8th and 9th Generation Intel® Core™ i9
Client and Xeon E3 Microprocessors
Intel® Xeon® Processor E3 v5 & v6 Family
Intel® Xeon® E Processor
6th Generation Intel® Core™ Processors
7th Generation Intel® Core™ Processors
8th Generation Intel® Core™ Processor Family
9th Generation Intel® Core™ Processors Family
10th Generation Intel® Core™ Processor Family
Intel recommends that users of Intel® Processors listed above update to the latest firmware version provided by the system manufacturer that addresses these issues.
The following issue was found internally by Intel.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.