Sign-up

ID

VAR-202102-0056


CVE

CVE-2020-0523


TITLE

Intel(R) Ethernet I210 Controller  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-003908

DESCRIPTION

Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of service via local access. Intel(R) Ethernet I210 Controller Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. Intel Ethernet I210 Controller is a hardware device of Intel Corporation. The provision of a complete network protocol stack provides the basis for making small computer groups in the same local area network and a wide area network connected by a routing protocol. There is an access control error vulnerability in Intel Ethernet I210 Controller. The vulnerability is caused by network systems or products that do not properly restrict access to resources from unauthorized roles

Trust: 2.16

sources: NVD: CVE-2020-0523 // JVNDB: JVNDB-2021-003908 // CNVD: CNVD-2021-17787

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-17787

AFFECTED PRODUCTS

vendor:intelmodel:ethernet controller i210scope:ltversion:3.30

Trust: 1.0

vendor:インテルmodel:intel ethernet controller i210scope:eqversion: -

Trust: 0.8

vendor:インテルmodel:intel ethernet controller i210scope:eqversion:intel ethernet controller i210 firmware 3.30

Trust: 0.8

vendor:intelmodel:ethernet i210 controllerscope:ltversion:3.30

Trust: 0.6

sources: CNVD: CNVD-2021-17787 // JVNDB: JVNDB-2021-003908 // NVD: CVE-2020-0523

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-0523
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-0523
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2021-17787
value: LOW

Trust: 0.6

CNNVD: CNNVD-202102-837
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2020-0523
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2021-17787
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-0523
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-0523
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-17787 // JVNDB: JVNDB-2021-003908 // CNNVD: CNNVD-202102-837 // NVD: CVE-2020-0523

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-003908 // NVD: CVE-2020-0523

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-837

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202102-837

PATCH

title:INTEL-SA-00318url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00318.html

Trust: 0.8

title:Patch for Intel Ethernet I210 Controller access control error vulnerability (CNVD-2021-17787)url:https://www.cnvd.org.cn/patchInfo/show/253226

Trust: 0.6

title:apt Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142211

Trust: 0.6

sources: CNVD: CNVD-2021-17787 // JVNDB: JVNDB-2021-003908 // CNNVD: CNNVD-202102-837

EXTERNAL IDS

db:NVDid:CVE-2020-0523

Trust: 3.0

db:JVNid:JVNVU93808918

Trust: 0.8

db:JVNDBid:JVNDB-2021-003908

Trust: 0.8

db:CNVDid:CNVD-2021-17787

Trust: 0.6

db:AUSCERTid:ESB-2021.0475

Trust: 0.6

db:LENOVOid:LEN-51727

Trust: 0.6

db:CS-HELPid:SB2022020211

Trust: 0.6

db:CNNVDid:CNNVD-202102-837

Trust: 0.6

sources: CNVD: CNVD-2021-17787 // JVNDB: JVNDB-2021-003908 // CNNVD: CNNVD-202102-837 // NVD: CVE-2020-0523

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00318.html

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-0523

Trust: 1.4

url:https://jvn.jp/vu/jvnvu93808918/index.html

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2021.0475

Trust: 0.6

url:https://vigilance.fr/vulnerability/intel-ethernet-i210-controller-denial-of-service-34938

Trust: 0.6

url:https://support.lenovo.com/us/en/product_security/len-51727

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022020211

Trust: 0.6

sources: CNVD: CNVD-2021-17787 // JVNDB: JVNDB-2021-003908 // CNNVD: CNNVD-202102-837 // NVD: CVE-2020-0523

SOURCES

db:CNVDid:CNVD-2021-17787
db:JVNDBid:JVNDB-2021-003908
db:CNNVDid:CNNVD-202102-837
db:NVDid:CVE-2020-0523

LAST UPDATE DATE

2024-11-23T21:14:31.926000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-17787date:2021-03-16T00:00:00
db:JVNDBid:JVNDB-2021-003908date:2021-11-09T09:08:00
db:CNNVDid:CNNVD-202102-837date:2022-02-07T00:00:00
db:NVDid:CVE-2020-0523date:2024-11-21T04:53:39.950

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-17787date:2021-03-16T00:00:00
db:JVNDBid:JVNDB-2021-003908date:2021-11-09T00:00:00
db:CNNVDid:CNNVD-202102-837date:2021-02-09T00:00:00
db:NVDid:CVE-2020-0523date:2021-02-17T14:15:14.797