← volver
CVE-2026-20709

CVE-2026-20709

CVSS 5.8 MEDIUMEPSS 0.1%CWE-1394
En resumen

Algunos procesadores Intel Pentium Silver, Celeron J y Celeron N utilizan una clave criptográfica predeterminada en el hardware que podría permitir a un atacante con acceso físico y conocimiento especial obtener privilegios elevados y acceder a datos sensibles.

Detalle técnico

Implica el uso de una clave criptográfica predeterminada o codificada en el hardware (CWE-1394). Vector de ataque requiere acceso físico, capacidad de ingeniería inversa, contexto de usuario privilegiado y conocimiento interno especializado. El impacto principal es violación de confidencialidad a nivel de sistema.

Resumen generado y traducido por IA a partir de la descripción oficial.
Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.
CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N
Productos afectados
n/a · Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00609.html