CVE-2020-8698 - Vulnerability Details

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00205.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Fedoraproject	Fedora
Intel	Core I3-1000g1 Core I3-1000g4 Core I3-1005g1 Core I3-1110g4 Core I3-1115g4 Core I3-1120g4 Core I3-1125g4 Core I5-1030g4 Core I5-1030g7 Core I5-1035g1 Core I5-1035g4 Core I5-1035g7 Core I5-1130g7 Core I5-1135g7 Core I7-1060g7 Core I7-1065g7 Core I7-1160g7 Core I7-1165g7 Core I7-1185g7 Microcode
Netapp	Clustered Data Ontap Hci Compute Node Hci Compute Node Bios Hci Storage Node Hci Storage Node Bios Solidfire Solidfire Bios
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Eus Rhel Tus
Siemens	Simatic Field Pg M5 Simatic Field Pg M5 Firmware Simatic Field Pg M6 Simatic Field Pg M6 Firmware Simatic Ipc427e Simatic Ipc427e Firmware Simatic Ipc477e Simatic Ipc477e Firmware Simatic Ipc477e Pro Simatic Ipc477e Pro Firmware Simatic Ipc627e Simatic Ipc627e Firmware Simatic Ipc647e Simatic Ipc647e Firmware Simatic Ipc677e Simatic Ipc677e Firmware Simatic Ipc847e Simatic Ipc847e Firmware Simatic Itp1000 Simatic Itp1000 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:core_i3-1000g1:-:::::::*
	cpe:2.3:h:intel:core_i3-1000g4:-:::::::*
	cpe:2.3:h:intel:core_i3-1005g1:-:::::::*
	cpe:2.3:h:intel:core_i3-1110g4:-:::::::*
	cpe:2.3:h:intel:core_i3-1115g4:-:::::::*
	cpe:2.3:h:intel:core_i3-1120g4:-:::::::*
	cpe:2.3:h:intel:core_i3-1125g4:-:::::::*
	cpe:2.3:h:intel:core_i5-1030g4:-:::::::*
	cpe:2.3:h:intel:core_i5-1030g7:-:::::::*
	cpe:2.3:h:intel:core_i5-1035g1:-:::::::*
	cpe:2.3:h:intel:core_i5-1035g4:-:::::::*
	cpe:2.3:h:intel:core_i5-1035g7:-:::::::*
	cpe:2.3:h:intel:core_i5-1130g7:-:::::::*
	cpe:2.3:h:intel:core_i5-1135g7:-:::::::*
	cpe:2.3:h:intel:core_i7-1060g7:-:::::::*
	cpe:2.3:h:intel:core_i7-1065g7:-:::::::*
	cpe:2.3:h:intel:core_i7-1160g7:-:::::::*
	cpe:2.3:h:intel:core_i7-1165g7:-:::::::*
	cpe:2.3:h:intel:core_i7-1185g7:-:::::::*

Configuration 2 [-]

cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*

Configuration 6 [-]

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

Configuration 7 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
microcode_ctl-2:1.17-33.31.el6_10	cpe:/o:redhat:enterprise_linux:6	RHSA-2020:5084	2020-11-11T00:00:00Z
Red Hat Enterprise Linux 6.5 Advanced Update Support
microcode_ctl-2:1.17-17.34.el6_5	cpe:/o:redhat:rhel_aus:6.5	RHSA-2020:5189	2020-11-23T00:00:00Z
Red Hat Enterprise Linux 6.6 Advanced Update Support
microcode_ctl-2:1.17-19.32.el6_6	cpe:/o:redhat:rhel_aus:6.6	RHSA-2020:5184	2020-11-23T00:00:00Z
Red Hat Enterprise Linux 7
microcode_ctl-2:2.1-73.2.el7_9	cpe:/o:redhat:enterprise_linux:7	RHSA-2020:5083	2020-11-11T00:00:00Z
microcode_ctl-2:2.1-73.11.el7_9	cpe:/o:redhat:enterprise_linux:7	RHSA-2021:3028	2021-08-09T00:00:00Z
Red Hat Enterprise Linux 7.2 Advanced Update Support
microcode_ctl-2:2.1-12.34.el7_2	cpe:/o:redhat:rhel_aus:7.2	RHSA-2020:5188	2020-11-23T00:00:00Z
microcode_ctl-2:2.1-12.39.el7_2	cpe:/o:redhat:rhel_aus:7.2	RHSA-2021:3323	2021-08-31T00:00:00Z
Red Hat Enterprise Linux 7.3 Advanced Update Support
microcode_ctl-2:2.1-16.37.el7_3	cpe:/o:redhat:rhel_aus:7.3	RHSA-2020:5183	2020-11-23T00:00:00Z
microcode_ctl-2:2.1-16.42.el7_3	cpe:/o:redhat:rhel_aus:7.3	RHSA-2021:3322	2021-08-31T00:00:00Z
Red Hat Enterprise Linux 7.3 Telco Extended Update Support
microcode_ctl-2:2.1-16.37.el7_3	cpe:/o:redhat:rhel_tus:7.3	RHSA-2020:5183	2020-11-23T00:00:00Z
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
microcode_ctl-2:2.1-16.37.el7_3	cpe:/o:redhat:rhel_e4s:7.3	RHSA-2020:5183	2020-11-23T00:00:00Z
Red Hat Enterprise Linux 7.4 Advanced Update Support
microcode_ctl-2:2.1-22.36.el7_4	cpe:/o:redhat:rhel_aus:7.4	RHSA-2020:5182	2020-11-23T00:00:00Z
microcode_ctl-2:2.1-22.41.el7_4	cpe:/o:redhat:rhel_aus:7.4	RHSA-2021:3255	2021-08-24T00:00:00Z
Red Hat Enterprise Linux 7.4 Telco Extended Update Support
microcode_ctl-2:2.1-22.36.el7_4	cpe:/o:redhat:rhel_tus:7.4	RHSA-2020:5182	2020-11-23T00:00:00Z
microcode_ctl-2:2.1-22.41.el7_4	cpe:/o:redhat:rhel_tus:7.4	RHSA-2021:3255	2021-08-24T00:00:00Z
Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
microcode_ctl-2:2.1-22.36.el7_4	cpe:/o:redhat:rhel_e4s:7.4	RHSA-2020:5182	2020-11-23T00:00:00Z
microcode_ctl-2:2.1-22.41.el7_4	cpe:/o:redhat:rhel_e4s:7.4	RHSA-2021:3255	2021-08-24T00:00:00Z
Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)
microcode_ctl-2:2.1-47.23.el7_6	cpe:/o:redhat:rhel_aus:7.6	RHSA-2021:3317	2021-08-31T00:00:00Z
Red Hat Enterprise Linux 7.6 Extended Update Support
microcode_ctl-2:2.1-47.18.el7_6	cpe:/o:redhat:rhel_eus:7.6	RHSA-2020:5181	2020-11-23T00:00:00Z
Red Hat Enterprise Linux 7.6 Telco Extended Update Support
microcode_ctl-2:2.1-47.23.el7_6	cpe:/o:redhat:rhel_tus:7.6	RHSA-2021:3317	2021-08-31T00:00:00Z
Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
microcode_ctl-2:2.1-47.23.el7_6	cpe:/o:redhat:rhel_e4s:7.6	RHSA-2021:3317	2021-08-31T00:00:00Z
Red Hat Enterprise Linux 7.7 Extended Update Support
microcode_ctl-2:2.1-53.13.el7_7	cpe:/o:redhat:rhel_eus:7.7	RHSA-2020:5190	2020-11-23T00:00:00Z
microcode_ctl-2:2.1-53.18.el7_7	cpe:/o:redhat:rhel_eus:7.7	RHSA-2021:3029	2021-08-10T00:00:00Z
Red Hat Enterprise Linux 8
microcode_ctl-4:20200609-2.20201027.1.el8_3	cpe:/o:redhat:enterprise_linux:8	RHSA-2020:5085	2020-11-11T00:00:00Z
microcode_ctl-4:20210216-1.20210608.1.el8_4	cpe:/o:redhat:enterprise_linux:8	RHSA-2021:3027	2021-08-09T00:00:00Z
Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions
microcode_ctl-4:20180807a-2.20201112.1.el8_0	cpe:/o:redhat:rhel_e4s:8.0	RHSA-2020:5186	2020-11-23T00:00:00Z
Red Hat Enterprise Linux 8.1 Extended Update Support
microcode_ctl-4:20190618-1.20201112.1.el8_1	cpe:/o:redhat:rhel_eus:8.1	RHSA-2020:5369	2020-12-08T00:00:00Z
microcode_ctl-4:20190618-1.20210608.1.el8_1	cpe:/o:redhat:rhel_eus:8.1	RHSA-2021:3176	2021-08-17T00:00:00Z
Red Hat Enterprise Linux 8.2 Extended Update Support
microcode_ctl-4:20191115-4.20201112.1.el8_2	cpe:/o:redhat:rhel_eus:8.2	RHSA-2020:5185	2020-11-23T00:00:00Z
microcode_ctl-4:20191115-4.20210608.1.el8_2	cpe:/o:redhat:rhel_eus:8.2	RHSA-2021:3364	2021-08-31T00:00:00Z

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-2546-1	intel-microcode security update
EUVD	EUVD-2020-29546	Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Ubuntu USN	USN-4628-1	Intel Microcode vulnerabilities
Ubuntu USN	USN-4628-3	Intel Microcode vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf
https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/
https://nvd.nist.gov/vuln/detail/CVE-2020-8698
https://security.netapp.com/advisory/ntap-20201113-0006/
https://www.cve.org/CVERecord?id=CVE-2020-8698
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2020-11-12T18:01:55

Updated: 2024-08-04T10:03:46.326Z

Reserved: 2020-02-06T00:00:00

Link: CVE-2020-8698

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-11-12T18:15:16.783

Modified: 2024-11-21T05:39:17.130

Link: CVE-2020-8698

Redhat

Severity : Moderate

Publid Date: 2020-11-10T13:55:00Z

Links: CVE-2020-8698 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object