Advisory Published

CVE-2020-8704: Race Condition

First published: Wed Jun 09 2021(Updated: )

Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.


Affected SoftwareAffected VersionHow to fix
Intel Local Manageability Service<2039.1.0.0
Siemens Simatic Field Pg M5 Firmware
Siemens Simatic Field Pg M5
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Field Pg M6
Siemens Simatic Ipc427e Firmware
Siemens Simatic Ipc427e
Siemens Simatic Ipc477e Firmware
Siemens Simatic Ipc477e
Siemens Simatic Ipc477e Pro Firmware
Siemens Simatic Ipc477e Pro
Siemens Simatic Ipc527g Firmware
Siemens Simatic Ipc527g
Siemens Simatic Ipc547g Firmware
Siemens Simatic Ipc547g
Siemens Simatic Ipc627e Firmware<25.02.10
Siemens Simatic Ipc627e
Siemens Simatic Ipc647e Firmware<25.02.10
Siemens Simatic Ipc647e
Siemens Simatic Ipc677e Firmware<25.02.10
Siemens Simatic Ipc677e
Siemens Simatic Ipc847e Firmware<25.02.10
Siemens Simatic Ipc847e
Siemens Simatic Itp1000 Firmware
Siemens Simatic Itp1000

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2020-8704?

    CVE-2020-8704 is a race condition vulnerability in the Intel(R) LMS software.

  • What is the severity of CVE-2020-8704?

    The severity of CVE-2020-8704 is medium with a CVSS score of 6.4.

  • How does CVE-2020-8704 impact the affected software?

    CVE-2020-8704 can potentially enable escalation of privilege via local access on systems running Intel(R) LMS versions before 2039.1.0.0.

  • Which software versions are affected by CVE-2020-8704?

    Intel(R) LMS versions before 2039.1.0.0 are affected by CVE-2020-8704.

  • How can I fix CVE-2020-8704?

    To fix CVE-2020-8704, update your Intel(R) LMS software to version 2039.1.0.0 or later.


SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203