CVE-2020-8704: Race Condition
First published: Wed Jun 09 2021(Updated: )
Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Local Manageability Service | <2039.1.0.0 | |
| Siemens Simatic Field Pg M5 Firmware | ||
| Siemens Simatic Field Pg M5 | ||
| Siemens Simatic Field Pg M6 Firmware | ||
| Siemens Simatic Field Pg M6 | ||
| Siemens Simatic Ipc427e Firmware | ||
| Siemens Simatic Ipc427e | ||
| Siemens Simatic Ipc477e Firmware | ||
| Siemens Simatic Ipc477e | ||
| Siemens Simatic Ipc477e Pro Firmware | ||
| Siemens Simatic Ipc477e Pro | ||
| Siemens Simatic Ipc527g Firmware | ||
| Siemens Simatic Ipc527g | ||
| Siemens Simatic Ipc547g Firmware | ||
| Siemens Simatic Ipc547g | ||
| Siemens Simatic Ipc627e Firmware | <25.02.10 | |
| Siemens Simatic Ipc627e | ||
| Siemens Simatic Ipc647e Firmware | <25.02.10 | |
| Siemens Simatic Ipc647e | ||
| Siemens Simatic Ipc677e Firmware | <25.02.10 | |
| Siemens Simatic Ipc677e | ||
| Siemens Simatic Ipc847e Firmware | <25.02.10 | |
| Siemens Simatic Ipc847e | ||
| Siemens Simatic Itp1000 Firmware | ||
| Siemens Simatic Itp1000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-8704?
CVE-2020-8704 is a race condition vulnerability in the Intel(R) LMS software.
What is the severity of CVE-2020-8704?
The severity of CVE-2020-8704 is medium with a CVSS score of 6.4.
How does CVE-2020-8704 impact the affected software?
CVE-2020-8704 can potentially enable escalation of privilege via local access on systems running Intel(R) LMS versions before 2039.1.0.0.
Which software versions are affected by CVE-2020-8704?
Intel(R) LMS versions before 2039.1.0.0 are affected by CVE-2020-8704.
How can I fix CVE-2020-8704?
To fix CVE-2020-8704, update your Intel(R) LMS software to version 2039.1.0.0 or later.
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel local manageability service
- vendor/siemens
- canonical/siemens simatic field pg m5 firmware
- canonical/siemens simatic field pg m5
- canonical/siemens simatic field pg m6 firmware
- canonical/siemens simatic field pg m6
- canonical/siemens simatic ipc427e firmware
- canonical/siemens simatic ipc427e
- canonical/siemens simatic ipc477e firmware
- canonical/siemens simatic ipc477e
- canonical/siemens simatic ipc477e pro firmware
- canonical/siemens simatic ipc477e pro
- canonical/siemens simatic ipc527g firmware
- canonical/siemens simatic ipc527g
- canonical/siemens simatic ipc547g firmware
- canonical/siemens simatic ipc547g
- canonical/siemens simatic ipc627e firmware
- canonical/siemens simatic ipc627e
- canonical/siemens simatic ipc647e firmware
- canonical/siemens simatic ipc647e
- canonical/siemens simatic ipc677e firmware
- canonical/siemens simatic ipc677e
- canonical/siemens simatic ipc847e firmware
- canonical/siemens simatic ipc847e
- canonical/siemens simatic itp1000 firmware
- canonical/siemens simatic itp1000