PT-2021-2095 · Intel+3 · Intel Ethernet E810 Adapter Drivers+3

Published

2021-02-09

Updated

2021-11-09

CVE-2020-24503

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Intel Ethernet E810 Adapter drivers for Linux versions prior to 1.0.4

Description: The issue is related to insufficient access control in the Intel Ethernet E810 Adapter drivers, which may allow an authenticated user to potentially enable information disclosure via local access. This could permit an attacker to gain unauthorized access to protected information.

Recommendations: For Intel Ethernet E810 Adapter drivers for Linux versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system to minimize the risk of exploitation.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

ALSA-2021:4356

BDU:2021-00947

CESA-2021_4140

CESA-2021_4356

CVE-2020-24503

RHSA-2021:4140

RHSA-2021:4356

RHSA-2021_4140

RHSA-2021_4356

Affected Products

Almalinux

Centos

Intel Ethernet E810 Adapter Drivers

Red Hat

PT-2021-2095 · Intel+3 · Intel Ethernet E810 Adapter Drivers+3

CVE-2020-24503

Weakness Enumeration

Related Identifiers

Affected Products

References · 57