CVE-2020-24456

7.8 HIGH

📋 TL;DR

This vulnerability in Intel Board ID Tool v1.01 allows authenticated local users to escalate privileges due to incorrect default permissions. Attackers could gain higher system privileges than intended. Only systems with this specific Intel tool installed are affected.

💻 Affected Systems

Products:
  • Intel(R) Board ID Tool
Versions: Version 1.01
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where Intel Board ID Tool v1.01 is installed. Not all Intel systems have this tool.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local authenticated attacker gains SYSTEM/root privileges, enabling complete system compromise, data theft, persistence installation, and lateral movement.

🟠 Likely Case

Local user with standard privileges gains administrative rights, allowing software installation, configuration changes, and access to protected resources.

🟢 If Mitigated

With proper access controls and least privilege principles, impact is limited to the specific user account and tool functionality.

🌐 Internet-Facing: LOW - Requires local authenticated access, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local authenticated access required, but insider threats or compromised accounts could exploit this.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local authenticated access. Exploitation likely involves manipulating file permissions or process execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.02 or later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00447

Restart Required: Yes

Instructions:

1. Download Intel Board ID Tool v1.02 or later from Intel's website.
2. Uninstall current version.
3. Install updated version.
4. Restart system.

🔧 Temporary Workarounds

Remove vulnerable tool

Windows

Uninstall Intel Board ID Tool v1.01 if not required

Control Panel > Programs > Uninstall a program > Select Intel Board ID Tool > Uninstall

Restrict tool access

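Windows

Apply strict file permissions to tool executables and directories. The command targets the installation directory itself and recurses with /T, so the directory's own ACL is replaced along with its contents. Afterwards only Administrators and SYSTEM can read or run the tool.

icacls "C:\Program Files\Intel\Board ID Tool" /inheritance:r /grant:r "Administrators:(OI)(CI)F" "SYSTEM:(OI)(CI)F" /T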
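To see whether the installation tree is actually writable by non-administrative principals, before or after applying the workaround, the ACLs can be audited. This script is an added example, not Intel's or this page's code; it assumes the install path shown above, and its list of trusted SIDs is an assumption to adapt locally.

```powershell
# Added example: list ACEs under the tool's install tree that give write-type
# rights to principals outside a small trusted set.
param(
    # Assumption: install path as shown in the workaround; adjust if it differs.
    [string]$Path = 'C:\Program Files\Intel\Board ID Tool'
)

# Assumption: principals allowed to modify the tree.
$trusted = @(
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-3-0',        # CREATOR OWNER (inherit-only placeholder)
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Rights that allow altering or replacing content. Modify and FullControl are
# not used as masks because they also contain read/execute bits.
$rights = [System.Security.AccessControl.FileSystemRights]
$writeBits = [int]($rights'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership')
$writeBits = $writeBits -bor 0x40000000 -bor 0x10000000   # GENERIC_WRITE, GENERIC_ALL

function Get-WeakAce {
    param([string]$Root)
    # Include the root directory itself, not only its children.
    $items = @(Get-Item -LiteralPath $Root -Force) +
             @(Get-ChildItem -LiteralPath $Root -Recurse -Force)
    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        # Resolve identities to SIDs so the check is independent of OS language.
        $sidType = [System.Security.Principal.SecurityIdentifier]
        foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($trusted -contains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band $writeBits) -eq 0) { continue }
            [pscustomobject]@{
                Path      = $item.FullName
                Sid       = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

if (-not (Test-Path -LiteralPath $Path)) { "Not found: $Path"; return }
$findings = @(Get-WeakAce -Root $Path)
if ($findings.Count) { $findings | Format-Table -AutoSize }
else { 'No write-capable ACEs for untrusted principals.' }
```

Any row in the output names a file or directory that a principal outside the trusted list can change; the Inherited column shows whether the grant comes from a parent directory or was set on the item itself.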

🧯 If You Can't Patch

  • Remove Intel Board ID Tool v1.01 if not essential for operations
  • Implement strict access controls and monitor for privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check installed programs for 'Intel Board ID Tool' version 1.01

Check Version:

wmic product where name="Intel Board ID Tool" get version

Verify Fix Applied:

Verify Intel Board ID Tool version is 1.02 or later

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • Access to Board ID Tool files by non-admin users
  • Process creation with elevated privileges from Board ID Tool

Network Indicators:

  • None - local vulnerability only

SIEM Query:

EventID=4688 AND ProcessName="*BoardID*" AND (NewProcessName="*cmd*" OR NewProcessName="*powershell*")
