CVE-2020-8737
First published: Thu Nov 12 2020(Updated: )
Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure via physical access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Quartus Prime | <20.1 | |
| Intel Stratix 10 Fpga Firmware | ||
| Intel Stratix 10 Fpga |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-8737?
CVE-2020-8737 is a vulnerability in the Intel Stratix 10 FPGA firmware provided with the Intel Quartus Prime Pro software before version 20.1.
What is the severity of CVE-2020-8737?
The severity of CVE-2020-8737 is medium.
How can an unauthenticated user potentially exploit CVE-2020-8737?
An unauthenticated user may exploit CVE-2020-8737 to potentially enable escalation of privilege and/or information disclosure via physical access.
Which software versions are affected by CVE-2020-8737?
The Intel Quartus Prime Pro software versions before 20.1 are affected by CVE-2020-8737.
Where can I find more information about CVE-2020-8737?
You can find more information about CVE-2020-8737 at the Intel Security Advisory site: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00388
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/remedy
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel quartus prime
- canonical/intel stratix 10 fpga firmware
- canonical/intel stratix 10 fpga