CWE
212 668
Advisory Published
CVE Published
Updated

CVE-2020-8698

First published: Thu Oct 22 2020(Updated: )

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.

Credit: secure@intel.com

Affected SoftwareAffected VersionHow to fix
Intel Microcode
Intel Core I3-1000g1
Intel Core I3-1000g4
Intel Core I3-1005g1
Intel Core I3-1110g4
Intel Core I3-1115g4
Intel Core I3-1120g4
Intel Core I3-1125g4
Intel Core I5-1030g4
Intel Core I5-1030g7
Intel Core I5-1035g1
Intel Core I5-1035g4
Intel Core I5-1035g7
Intel Core I5-1130g7
Intel Core I5-1135g7
Intel Core I7-1060g7
Intel Core I7-1065g7
Intel Core I7-1160g7
Intel Core I7-1165g7
Intel Core I7-1185g7
NetApp Clustered Data ONTAP
Netapp Hci Compute Node Bios
Netapp Hci Compute Node
Netapp Hci Storage Node Bios
Netapp Hci Storage Node
Netapp Solidfire Bios
Netapp Solidfire
Fedoraproject Fedora=31
Debian Debian Linux=9.0
Siemens Simatic Field Pg M5 Firmware<22.01.08
Siemens Simatic Field Pg M5
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Field Pg M6
Siemens Simatic Ipc427e Firmware<21.01.15
Siemens Simatic Ipc427e
Siemens Simatic Ipc477e Firmware<21.01.15
Siemens Simatic Ipc477e
Siemens Simatic Ipc477e Pro Firmware<21.01.15
Siemens Simatic Ipc477e Pro
Siemens Simatic Ipc627e Firmware<25.02.08
Siemens Simatic Ipc627e
Siemens Simatic Ipc647e Firmware<25.02.08
Siemens Simatic Ipc647e
Siemens Simatic Ipc677e Firmware<25.02.08
Siemens Simatic Ipc677e
Siemens Simatic Ipc847e Firmware<25.02.08
Siemens Simatic Ipc847e
Siemens Simatic Itp1000 Firmware<23.01.08
Siemens Simatic Itp1000

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Reference Links

Frequently Asked Questions

  • What is CVE-2020-8698?

    CVE-2020-8698 is a vulnerability in the CPU microarchitecture that allows a local attacker to infer internal architectural state from previous executions on the CPU.

  • Which software are affected by CVE-2020-8698?

    Intel Microcode, NetApp Clustered Data ONTAP, Netapp Hci Compute Node Bios, Netapp Hci Storage Node Bios, Netapp Solidfire Bios, Fedoraproject Fedora, Debian Debian Linux, Siemens Simatic Field Pg M5 Firmware, Siemens Simatic Field Pg M6 Firmware, Siemens Simatic Ipc427e Firmware, Siemens Simatic Ipc477e Firmware, Siemens Simatic Ipc477e Pro Firmware, Siemens Simatic Ipc627e Firmware, Siemens Simatic Ipc647e Firmware, Siemens Simatic Ipc677e Firmware, Siemens Simatic Ipc847e Firmware, Siemens Simatic Itp1000 Firmware are affected by CVE-2020-8698.

  • What is the severity of CVE-2020-8698?

    CVE-2020-8698 has a severity score of 5.5 (medium).

  • Is Intel Core I3-1000g1 vulnerable to CVE-2020-8698?

    No, Intel Core I3-1000g1 is not vulnerable to CVE-2020-8698.

  • How can I fix CVE-2020-8698?

    To fix CVE-2020-8698, it is recommended to apply the necessary patches and microcode updates provided by the software vendors.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203