PT-2020-4123 · Intel · Intel Acceleration Stack+1

Published

2020-08-11

Updated

2021-07-21

CVE-2020-8684

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Intel(R) PAC with Arria(R) 10 GX FPGA versions prior to Intel Acceleration Stack version 1.2.1

Description: The issue is related to improper access control in the firmware, which may allow a privileged user to potentially enable escalation of privilege via local access. This is due to deficiencies in access control within the Intel Acceleration Stack software.

Recommendations: For versions prior to Intel Acceleration Stack version 1.2.1, update to Intel Acceleration Stack version 1.2.1 or later to resolve the issue.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2020-04545

CVE-2020-8684

Affected Products

Intel Acceleration Stack

Intel Pac With Arria 10 Gx Fpga

PT-2020-4123 · Intel · Intel Acceleration Stack+1

CVE-2020-8684

Weakness Enumeration

Related Identifiers

Affected Products

References · 4