CVE-2020-8704: Race Condition
First published: Wed Jun 09 2021(Updated: )
Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Local Manageability Service | <2039.1.0.0 | |
| Siemens Simatic Field PG M5 | ||
| Siemens Simatic Field PG M5 | ||
| siemens simatic field pg m6 firmware | ||
| siemens simatic field pg m6 | ||
| Siemens Simatic IPC427E Firmware | ||
| Siemens Simatic IPC427E Firmware | ||
| Siemens Simatic IPC477E Firmware | ||
| Siemens Simatic IPC477E Firmware | ||
| Siemens Simatic IPC477E Pro | ||
| Siemens Simatic IPC477E Firmware | ||
| Siemens Simatic IPC527G | ||
| Siemens Simatic IPC527G Firmware | ||
| Siemens Simatic IPC547G | ||
| Siemens Simatic IPC547G Firmware | ||
| siemens simatic ipc627e firmware | <25.02.10 | |
| siemens simatic ipc627e | ||
| siemens simatic ipc647e firmware | <25.02.10 | |
| siemens simatic ipc647e | ||
| siemens simatic ipc677e firmware | <25.02.10 | |
| siemens simatic ipc677e | ||
| siemens simatic ipc847e firmware | <25.02.10 | |
| siemens simatic ipc847e | ||
| Siemens Simatic ITP1000 | ||
| Siemens Simatic ITP1000 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-8704?
CVE-2020-8704 is a race condition vulnerability in the Intel(R) LMS software.
What is the severity of CVE-2020-8704?
The severity of CVE-2020-8704 is medium with a CVSS score of 6.4.
How does CVE-2020-8704 impact the affected software?
CVE-2020-8704 can potentially enable escalation of privilege via local access on systems running Intel(R) LMS versions before 2039.1.0.0.
Which software versions are affected by CVE-2020-8704?
Intel(R) LMS versions before 2039.1.0.0 are affected by CVE-2020-8704.
How can I fix CVE-2020-8704?
To fix CVE-2020-8704, update your Intel(R) LMS software to version 2039.1.0.0 or later.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel local manageability service
- vendor/siemens
- canonical/siemens simatic field pg m5
- canonical/siemens simatic field pg m6 firmware
- canonical/siemens simatic field pg m6
- canonical/siemens simatic ipc427e firmware
- canonical/siemens simatic ipc477e firmware
- canonical/siemens simatic ipc477e pro
- canonical/siemens simatic ipc527g
- canonical/siemens simatic ipc527g firmware
- canonical/siemens simatic ipc547g
- canonical/siemens simatic ipc547g firmware
- canonical/siemens simatic ipc627e firmware
- canonical/siemens simatic ipc627e
- canonical/siemens simatic ipc647e firmware
- canonical/siemens simatic ipc647e
- canonical/siemens simatic ipc677e firmware
- canonical/siemens simatic ipc677e
- canonical/siemens simatic ipc847e firmware
- canonical/siemens simatic ipc847e
- canonical/siemens simatic itp1000
- canonical/siemens simatic itp1000 firmware