Vulnerability Details CVE-2020-24509
Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.0%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 4.6
References
Products affected by CVE-2020-24509
-
cpe:2.3:a:intel:server_platform_services:e3_05.01.04.200
-
cpe:2.3:a:intel:server_platform_services:e5_04.01.04.400
-
cpe:2.3:a:intel:server_platform_services:sps_e3_04.01.04.054.0
-
cpe:2.3:a:intel:server_platform_services:sps_e3_04.01.04.109.0
-
cpe:2.3:a:intel:server_platform_services:sps_e3_04.01.04.200
-
cpe:2.3:a:intel:server_platform_services:sps_e3_04.08.04.070.0
-
cpe:2.3:a:intel:server_platform_services:sps_e3_05.01.04.300.0
-
cpe:2.3:a:intel:server_platform_services:sps_e3_06.00.03.300.0
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.00.04.381.0
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.01.04.380.0
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.01.04.400
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.03.228.0
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.03.263.0
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.04.023.0
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.04.04.300.0
-
cpe:2.3:a:intel:server_platform_services:sps_soc-a_04.00.04.181.0
-
cpe:2.3:a:intel:server_platform_services:sps_soc-a_04.00.04.211.0
-
cpe:2.3:a:intel:server_platform_services:sps_soc-a_04.00.04.300