CVE-2020-0550

moderate-risk

Published 2020-03-12

Improper data forwarding in some data cache for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. The list of affected products is provided in intel-sa-00330: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html

Do I need to act?

0.06% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.6/10 Medium

LOCAL / HIGH complexity

Affected Products (20)

Celeron 1000M

Celeron 1005M

Celeron 1007U

Celeron 1017U

Celeron 1019Y

Celeron 1020E

Celeron 1020M

Celeron 1037U

Celeron 1047Ue

Celeron 2955U

Celeron 2957U

Celeron 2970M

Celeron 2980U

Celeron 2981U

Celeron 3765U

Celeron 725C

Celeron 787

Celeron 797

Celeron 807

Celeron 807Ue

Affected Vendors

Intel

References (4)

Third Party Advisory https://security.netapp.com/advisory/ntap-20200320-0001/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330....

Third Party Advisory https://security.netapp.com/advisory/ntap-20200320-0001/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330....

/ 100

moderate-risk

Severity 15/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical