CVE-2020-12360 – This vulnerability is an out-of-bounds read in ... (How to Fix)

Q: What is the severity of CVE-2020-12360?

CVE-2020-12360 has a CVSS score of 7.8 (HIGH). This vulnerability is an out-of-bounds read in Intel processor firmware that allows authenticated local users to potentially escalate privileges. It affects specific Intel processors and requires local access to exploit. The flaw could enable attackers to read sensitive memory contents and gain higher system privileges.

📋 TL;DR

This vulnerability is an out-of-bounds read in Intel processor firmware that allows authenticated local users to potentially escalate privileges. It affects specific Intel processors and requires local access to exploit. The flaw could enable attackers to read sensitive memory contents and gain higher system privileges.

💻 Affected Systems

Products:

Intel Processors with specific firmware versions

Versions: Specific firmware versions as listed in Intel advisory

Operating Systems: All operating systems running on affected Intel processors

Default Config Vulnerable: ⚠️ Yes

Notes: Affects specific Intel processor models; requires checking Intel's advisory for exact processor families and firmware versions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker could achieve full system compromise, gaining root/administrator privileges and accessing sensitive data in memory.

🟠

Likely Case

Local authenticated users could escalate privileges to gain unauthorized access to system resources and sensitive information.

🟢

If Mitigated

With proper access controls and patching, the risk is significantly reduced to minimal impact on system security.

🌐 Internet-Facing: LOW - Requires local authenticated access, cannot be exploited remotely over the internet.

🏢 Internal Only: MEDIUM - Requires local authenticated access, so internal users with valid credentials could potentially exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local authenticated access and knowledge of memory layout; firmware-level vulnerabilities typically have higher exploitation complexity.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates provided by Intel and system manufacturers

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html

Restart Required: Yes

Instructions:

1. Check Intel advisory for affected processor models. 2. Contact system manufacturer for firmware updates. 3. Apply firmware update following manufacturer instructions. 4. Reboot system to activate new firmware.

🔧 Temporary Workarounds

Restrict local access

all

Limit local authenticated access to systems with affected processors

Implement least privilege

all

Ensure users have only necessary privileges to reduce impact of potential privilege escalation

🧯 If You Can't Patch

Isolate affected systems from critical networks and sensitive data
Implement strict access controls and monitoring for local user activities

🔍 How to Verify

Check if Vulnerable:

Check processor model and firmware version against Intel's advisory list

Check Version:

On Linux: 'sudo dmidecode -t bios' or 'sudo cat /sys/class/dmi/id/bios_version'; On Windows: 'wmic bios get smbiosbiosversion'

Verify Fix Applied:

Verify firmware version has been updated to patched version from manufacturer

📡 Detection & Monitoring

Log Indicators:

Unusual privilege escalation attempts
Firmware modification attempts
Suspicious local user activity patterns

Network Indicators:

Not applicable - local access only vulnerability

SIEM Query:

Search for local privilege escalation events or firmware access attempts from authenticated users

📊 Metadata

CVE ID: CVE-2020-12360

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-125

Published: June 9, 2021

Last Updated: November 21, 2024

🔗 References

https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf Patch,Third Party Advisory
https://security.netapp.com/advisory/ntap-20210702-0002/ Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf Patch,Third Party Advisory
https://security.netapp.com/advisory/ntap-20210702-0002/ Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-12360, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aff Bios by Netapp

Bios by Intel

Cloud Backup by Netapp

E Series Bios by Netapp

Fas Bios by Netapp

Hci Compute Node Bios by Netapp

Hci Storage Node Bios by Netapp

Simatic Cpu 1518 4 Firmware by Siemens

Simatic Cpu 1518f 4 Firmware by Siemens

Simatic Ipc547g Firmware by Siemens

Solidfire Bios by Netapp