CVE-2020-8698
First published: Thu Oct 22 2020(Updated: )
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Microcode | ||
| Intel Core I3-1000g1 | ||
| Intel Core I3-1000g4 | ||
| Intel Core I3-1005g1 | ||
| Intel Core I3-1110g4 | ||
| Intel Core I3-1115g4 | ||
| Intel Core I3-1120g4 | ||
| Intel Core I3-1125g4 | ||
| Intel Core I5-1030g4 | ||
| Intel Core I5-1030g7 | ||
| Intel Core I5-1035g1 | ||
| Intel Core I5-1035g4 | ||
| Intel Core I5-1035g7 | ||
| Intel Core I5-1130g7 | ||
| Intel Core I5-1135g7 | ||
| Intel Core I7-1060g7 | ||
| Intel Core I7-1065g7 | ||
| Intel Core I7-1160g7 | ||
| Intel Core I7-1165g7 | ||
| Intel Core I7-1185g7 | ||
| NetApp Clustered Data ONTAP | ||
| Netapp Hci Compute Node Bios | ||
| Netapp Hci Compute Node | ||
| Netapp Hci Storage Node Bios | ||
| Netapp Hci Storage Node | ||
| Netapp Solidfire Bios | ||
| Netapp Solidfire | ||
| Fedoraproject Fedora | =31 | |
| Debian Debian Linux | =9.0 | |
| Siemens Simatic Field Pg M5 Firmware | <22.01.08 | |
| Siemens Simatic Field Pg M5 | ||
| Siemens Simatic Field Pg M6 Firmware | ||
| Siemens Simatic Field Pg M6 | ||
| Siemens Simatic Ipc427e Firmware | <21.01.15 | |
| Siemens Simatic Ipc427e | ||
| Siemens Simatic Ipc477e Firmware | <21.01.15 | |
| Siemens Simatic Ipc477e | ||
| Siemens Simatic Ipc477e Pro Firmware | <21.01.15 | |
| Siemens Simatic Ipc477e Pro | ||
| Siemens Simatic Ipc627e Firmware | <25.02.08 | |
| Siemens Simatic Ipc627e | ||
| Siemens Simatic Ipc647e Firmware | <25.02.08 | |
| Siemens Simatic Ipc647e | ||
| Siemens Simatic Ipc677e Firmware | <25.02.08 | |
| Siemens Simatic Ipc677e | ||
| Siemens Simatic Ipc847e Firmware | <25.02.08 | |
| Siemens Simatic Ipc847e | ||
| Siemens Simatic Itp1000 Firmware | <23.01.08 | |
| Siemens Simatic Itp1000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-8698 https://nvd.nist.gov/vuln/detail/CVE-2020-8698 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1890356
- https://access.redhat.com/errata/RHSA-2020:5084
- https://access.redhat.com/errata/RHSA-2020:5189
- https://access.redhat.com/errata/RHSA-2020:5184
- https://access.redhat.com/errata/RHSA-2020:5083
- https://access.redhat.com/errata/RHSA-2021:3028
- https://access.redhat.com/errata/RHSA-2020:5188
- https://access.redhat.com/errata/RHSA-2021:3323
- https://access.redhat.com/errata/RHSA-2020:5183
- https://access.redhat.com/errata/RHSA-2021:3322
- https://access.redhat.com/errata/RHSA-2020:5182
- https://access.redhat.com/errata/RHSA-2021:3255
- https://access.redhat.com/errata/RHSA-2021:3317
- https://access.redhat.com/errata/RHSA-2020:5181
- https://access.redhat.com/errata/RHSA-2020:5190
- https://access.redhat.com/errata/RHSA-2021:3029
- https://access.redhat.com/errata/RHSA-2020:5085
- https://access.redhat.com/errata/RHSA-2021:3027
- https://access.redhat.com/errata/RHSA-2020:5186
- https://access.redhat.com/errata/RHSA-2020:5369
- https://access.redhat.com/errata/RHSA-2021:3176
- https://access.redhat.com/errata/RHSA-2020:5185
- https://access.redhat.com/errata/RHSA-2021:3364
- https://access.redhat.com/security/cve/cve-2020-8698
- https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf
- https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/
- https://security.netapp.com/advisory/ntap-20201113-0006/
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/
Parent vulnerabilities
(Appears in the following advisories)
- RHSA-2020:5084
- RHSA-2020:5189
- RHSA-2020:5184
- RHSA-2020:5083
- RHSA-2021:3028
- RHSA-2020:5188
- RHSA-2021:3323
- RHSA-2020:5183
- RHSA-2021:3322
- RHSA-2020:5182
- RHSA-2021:3255
- RHSA-2021:3317
- RHSA-2020:5181
- RHSA-2020:5190
- RHSA-2021:3029
- RHSA-2020:5085
- RHSA-2021:3027
- RHSA-2020:5186
- RHSA-2020:5369
- RHSA-2021:3176
- RHSA-2020:5185
- RHSA-2021:3364
Frequently Asked Questions
What is CVE-2020-8698?
CVE-2020-8698 is a vulnerability in the CPU microarchitecture that allows a local attacker to infer internal architectural state from previous executions on the CPU.
Which software are affected by CVE-2020-8698?
Intel Microcode, NetApp Clustered Data ONTAP, Netapp Hci Compute Node Bios, Netapp Hci Storage Node Bios, Netapp Solidfire Bios, Fedoraproject Fedora, Debian Debian Linux, Siemens Simatic Field Pg M5 Firmware, Siemens Simatic Field Pg M6 Firmware, Siemens Simatic Ipc427e Firmware, Siemens Simatic Ipc477e Firmware, Siemens Simatic Ipc477e Pro Firmware, Siemens Simatic Ipc627e Firmware, Siemens Simatic Ipc647e Firmware, Siemens Simatic Ipc677e Firmware, Siemens Simatic Ipc847e Firmware, Siemens Simatic Itp1000 Firmware are affected by CVE-2020-8698.
What is the severity of CVE-2020-8698?
CVE-2020-8698 has a severity score of 5.5 (medium).
Is Intel Core I3-1000g1 vulnerable to CVE-2020-8698?
No, Intel Core I3-1000g1 is not vulnerable to CVE-2020-8698.
How can I fix CVE-2020-8698?
To fix CVE-2020-8698, it is recommended to apply the necessary patches and microcode updates provided by the software vendors.
- collector/redhat-cve
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-8698
- agent/first-publish-date
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel microcode
- canonical/intel core i3-1000g1
- canonical/intel core i3-1000g4
- canonical/intel core i3-1005g1
- canonical/intel core i3-1110g4
- canonical/intel core i3-1115g4
- canonical/intel core i3-1120g4
- canonical/intel core i3-1125g4
- canonical/intel core i5-1030g4
- canonical/intel core i5-1030g7
- canonical/intel core i5-1035g1
- canonical/intel core i5-1035g4
- canonical/intel core i5-1035g7
- canonical/intel core i5-1130g7
- canonical/intel core i5-1135g7
- canonical/intel core i7-1060g7
- canonical/intel core i7-1065g7
- canonical/intel core i7-1160g7
- canonical/intel core i7-1165g7
- canonical/intel core i7-1185g7
- vendor/netapp
- canonical/netapp clustered data ontap
- canonical/netapp hci compute node bios
- canonical/netapp hci compute node
- canonical/netapp hci storage node bios
- canonical/netapp hci storage node
- canonical/netapp solidfire bios
- canonical/netapp solidfire
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/31
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- vendor/siemens
- canonical/siemens simatic field pg m5 firmware
- canonical/siemens simatic field pg m5
- canonical/siemens simatic field pg m6 firmware
- canonical/siemens simatic field pg m6
- canonical/siemens simatic ipc427e firmware
- canonical/siemens simatic ipc427e
- canonical/siemens simatic ipc477e firmware
- canonical/siemens simatic ipc477e
- canonical/siemens simatic ipc477e pro firmware
- canonical/siemens simatic ipc477e pro
- canonical/siemens simatic ipc627e firmware
- canonical/siemens simatic ipc627e
- canonical/siemens simatic ipc647e firmware
- canonical/siemens simatic ipc647e
- canonical/siemens simatic ipc677e firmware
- canonical/siemens simatic ipc677e
- canonical/siemens simatic ipc847e firmware
- canonical/siemens simatic ipc847e
- canonical/siemens simatic itp1000 firmware
- canonical/siemens simatic itp1000