rssLink RSS for all categories
 
icon_red
icon_green
icon_green
icon_red
icon_red
icon_green
icon_green
icon_red
icon_red
icon_red
icon_green
icon_green
icon_green
icon_orange
icon_green
icon_orange
icon_green
icon_blue
icon_red
icon_orange
icon_green
icon_orange
icon_green
icon_red
icon_orange
icon_green
icon_green
icon_green
icon_green
icon_green
icon_blue
icon_green
icon_red
 

FS#45029 — Intel Vulnerabilities Disclosure

Attached to Project— Dedicated Servers
Maintenance
ALL
CLOSED
100%
Intel brought to our attention 18 vulnerabilities affecting their products that should be disclosed on Tuesday June, 9th. 2020.

These vulnerabilities are affecting different scopes :
- Intel SSD firmwares : CVE-2020-0527
- Intel BIOS Extensions (CSME, SPS, TXE, AMT and DAL) : CVE-2020-0542, CVE-2020-0532, CVE-2020-0538, CVE-2020-0534, CVE-2020-0540, CVE-2020-0541, CVE-2020-0533, CVE-2020-0537, CVE-2020-0531, CVE-2020-0535, CVE-2020-0536, CVE-2020-0545, CVE-2020-0539, CVE-2020-0566, CVE-2020-0594, CVE-2020-0595, CVE-2020-0596, CVE-2020-0597, CVE-2020-0586
- BIOS: CVE-2020-0528, CVE-2020-0529
- CPU Microcode : CVE-2020-0543

OVHcloud takes the security of its customers seriously. As far as we know, these vulnerabilities have not been exploited in OVHcloud and there is yet no available proof of concept. As soon as this information reached us, OVH immediately mobilized its crisis unit to identify the potential impacts of these vulnerabilities and set up an appropriate system to protect its customers' data. However, if our customers are running their own system, we recommend them to upgrade their kernel to get the last version of the Intel Microcode applied in order to patch CVE-2020-0543.
Date:  Tuesday, 09 June 2020, 19:25PM
Reason for closing:  Done