5.5
MEDIUM
CVE-2020-12966
AMD EPYC Processors SEV-ES and SEV-SNP Information Disclosure Vulnerability
Description

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor.

INFO

Published Date :

Feb. 4, 2022, 11:15 p.m.

Last Modified :

Nov. 21, 2024, 5 a.m.

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

1.8
Public PoC/Exploit Available at Github

CVE-2020-12966 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2020-12966 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Amd epyc_7h12_firmware
2 Amd epyc_7f72_firmware
3 Amd epyc_7f52_firmware
4 Amd epyc_7f32_firmware
5 Amd epyc_7742_firmware
6 Amd epyc_7702p_firmware
7 Amd epyc_7702_firmware
8 Amd epyc_7662_firmware
9 Amd epyc_7642_firmware
10 Amd epyc_7552_firmware
11 Amd epyc_7542_firmware
12 Amd epyc_7532_firmware
13 Amd epyc_7502p_firmware
14 Amd epyc_7502_firmware
15 Amd epyc_7452_firmware
16 Amd epyc_7402_firmware
17 Amd epyc_7402p_firmware
18 Amd epyc_7352_firmware
19 Amd epyc_7302p_firmware
20 Amd epyc_7302_firmware
21 Amd epyc_7282_firmware
22 Amd epyc_7272_firmware
23 Amd epyc_7262_firmware
24 Amd epyc_7252_firmware
25 Amd epyc_7232p_firmware
26 Amd epyc_7002_firmware
27 Amd epyc_7003_firmware
28 Amd epyc_72f3_firmware
29 Amd epyc_7313_firmware
30 Amd epyc_7313p_firmware
31 Amd epyc_7343_firmware
32 Amd epyc_73f3_firmware
33 Amd epyc_7413_firmware
34 Amd epyc_7443_firmware
35 Amd epyc_7443p_firmware
36 Amd epyc_7453_firmware
37 Amd epyc_74f3_firmware
38 Amd epyc_7513_firmware
39 Amd epyc_7543_firmware
40 Amd epyc_7543p_firmware
41 Amd epyc_75f3_firmware
42 Amd epyc_7643_firmware
43 Amd epyc_7663_firmware
44 Amd epyc_7713_firmware
45 Amd epyc_7713p_firmware
46 Amd epyc_7763_firmware
47 Amd epyc_7001_firmware
48 Amd epyc_7251_firmware
49 Amd epyc_7261_firmware
50 Amd epyc_7281_firmware
51 Amd epyc_7301_firmware
52 Amd epyc_7351_firmware
53 Amd epyc_7371_firmware
54 Amd epyc_7401_firmware
55 Amd epyc_7401p_firmware
56 Amd epyc_7451_firmware
57 Amd epyc_7501_firmware
58 Amd epyc_7551_firmware
59 Amd epyc_7551p_firmware
60 Amd epyc_7601_firmware
61 Amd epyc_7351p_firmware
62 Amd epyc_embedded_3101_firmware
63 Amd epyc_embedded_3151_firmware
64 Amd epyc_embedded_3201_firmware
65 Amd epyc_embedded_3251_firmware
66 Amd epyc_embedded_3255_firmware
67 Amd epyc_embedded_3451_firmware
68 Amd epyc_embedded_7601_firmware
69 Amd epyc_embedded_7551_firmware
70 Amd epyc_embedded_7501_firmware
71 Amd epyc_embedded_7451_firmware
72 Amd epyc_embedded_7401_firmware
73 Amd epyc_embedded_7371_firmware
74 Amd epyc_embedded_7351_firmware
75 Amd epyc_embedded_7301_firmware
76 Amd epyc_embedded_7281_firmware
77 Amd epyc_embedded_7261_firmware
78 Amd epyc_embedded_7251_firmware
79 Amd epyc_embedded_755p_firmware
80 Amd epyc_embedded_740p_firmware
81 Amd epyc_embedded_735p_firmware
82 Amd epyc_embedded_3351_firmware
83 Amd epyc_embedded_7h12_firmware
84 Amd epyc_embedded_7742_firmware
85 Amd epyc_embedded_7702_firmware
86 Amd epyc_embedded_7662_firmware
87 Amd epyc_embedded_7642_firmware
88 Amd epyc_embedded_7552_firmware
89 Amd epyc_embedded_7542_firmware
90 Amd epyc_embedded_7532_firmware
91 Amd epyc_embedded_7502_firmware
92 Amd epyc_embedded_7452_firmware
93 Amd epyc_embedded_7f72_firmware
94 Amd epyc_embedded_7402_firmware
95 Amd epyc_embedded_7352_firmware
96 Amd epyc_embedded_7f52_firmware
97 Amd epyc_embedded_7302_firmware
98 Amd epyc_embedded_7282_firmware
99 Amd epyc_embedded_7272_firmware
100 Amd epyc_embedded_7f32_firmware
101 Amd epyc_embedded_7262_firmware
102 Amd epyc_embedded_7252_firmware
103 Amd epyc_embedded_7702p_firmware
104 Amd epyc_embedded_7502p_firmware
105 Amd epyc_embedded_7402p_firmware
106 Amd epyc_embedded_7302p_firmware
107 Amd epyc_embedded_7232p_firmware
108 Amd epyc_7232p
109 Amd epyc_7251
110 Amd epyc_7252
111 Amd epyc_7261
112 Amd epyc_7262
113 Amd epyc_7272
114 Amd epyc_7281
115 Amd epyc_7282
116 Amd epyc_72f3
117 Amd epyc_7301
118 Amd epyc_7302
119 Amd epyc_7302p
120 Amd epyc_7313
121 Amd epyc_7313p
122 Amd epyc_7343
123 Amd epyc_7351
124 Amd epyc_7351p
125 Amd epyc_7352
126 Amd epyc_7371
127 Amd epyc_73f3
128 Amd epyc_7401
129 Amd epyc_7401p
130 Amd epyc_7402
131 Amd epyc_7402p
132 Amd epyc_7413
133 Amd epyc_7443
134 Amd epyc_7443p
135 Amd epyc_7451
136 Amd epyc_7452
137 Amd epyc_7453
138 Amd epyc_74f3
139 Amd epyc_7501
140 Amd epyc_7502
141 Amd epyc_7502p
142 Amd epyc_7513
143 Amd epyc_7532
144 Amd epyc_7542
145 Amd epyc_7543
146 Amd epyc_7543p
147 Amd epyc_7551
148 Amd epyc_7551p
149 Amd epyc_7552
150 Amd epyc_75f3
151 Amd epyc_7601
152 Amd epyc_7642
153 Amd epyc_7643
154 Amd epyc_7662
155 Amd epyc_7663
156 Amd epyc_7702
157 Amd epyc_7702p
158 Amd epyc_7713
159 Amd epyc_7713p
160 Amd epyc_7742
161 Amd epyc_7763
162 Amd epyc_7f32
163 Amd epyc_7f52
164 Amd epyc_7f72
165 Amd epyc_7h12
166 Amd epyc_embedded_3101
167 Amd epyc_embedded_3151
168 Amd epyc_embedded_3201
169 Amd epyc_embedded_3251
170 Amd epyc_embedded_3255
171 Amd epyc_embedded_3351
172 Amd epyc_embedded_3451
173 Amd epyc_7001
174 Amd epyc_7002
175 Amd epyc_7003
176 Amd epyc_embedded_7601
177 Amd epyc_embedded_7551
178 Amd epyc_embedded_7501
179 Amd epyc_embedded_7451
180 Amd epyc_embedded_7401
181 Amd epyc_embedded_7371
182 Amd epyc_embedded_7351
183 Amd epyc_embedded_7301
184 Amd epyc_embedded_7281
185 Amd epyc_embedded_7261
186 Amd epyc_embedded_7251
187 Amd epyc_embedded_755p
188 Amd epyc_embedded_740p
189 Amd epyc_embedded_735p
190 Amd epyc_embedded_7h12
191 Amd epyc_embedded_7742
192 Amd epyc_embedded_7702
193 Amd epyc_embedded_7662
194 Amd epyc_embedded_7642
195 Amd epyc_embedded_7552
196 Amd epyc_embedded_7542
197 Amd epyc_embedded_7532
198 Amd epyc_embedded_7502
199 Amd epyc_embedded_7452
200 Amd epyc_embedded_7f72
201 Amd epyc_embedded_7402
202 Amd epyc_embedded_7352
203 Amd epyc_embedded_7f52
204 Amd epyc_embedded_7302
205 Amd epyc_embedded_7282
206 Amd epyc_embedded_7272
207 Amd epyc_embedded_7f32
208 Amd epyc_embedded_7262
209 Amd epyc_embedded_7252
210 Amd epyc_embedded_7702p
211 Amd epyc_embedded_7502p
212 Amd epyc_embedded_7402p
213 Amd epyc_embedded_7302p
214 Amd epyc_embedded_7232p
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2020-12966.

URL Resource
http://www.openwall.com/lists/oss-security/2022/08/08/6 Mailing List Third Party Advisory
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013 Mitigation Vendor Advisory
http://www.openwall.com/lists/oss-security/2022/08/08/6 Mailing List Third Party Advisory
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013 Mitigation Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

fork of wolfssl that enables the use of expanded ed25519 keys for use with Tor

CMake C++ Shell C Makefile Batchfile Assembly Perl FreeMarker Objective-C

Updated: 2 years, 3 months ago
0 stars 0 fork 0 watcher
Born at : Sept. 1, 2022, 6:05 p.m. This repo has been linked 3 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2020-12966 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2020-12966 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2022/08/08/6
    Added Reference https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Oct. 26, 2022

    Action Type Old Value New Value
    Changed Reference Type http://www.openwall.com/lists/oss-security/2022/08/08/6 No Types Assigned http://www.openwall.com/lists/oss-security/2022/08/08/6 Mailing List, Third Party Advisory
  • CVE Modified by [email protected]

    Aug. 08, 2022

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2022/08/08/6 [No Types Assigned]
  • Initial Analysis by [email protected]

    Feb. 09, 2022

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:L/AC:L/Au:N/C:P/I:N/A:N)
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    Changed Reference Type https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013 No Types Assigned https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013 Mitigation, Vendor Advisory
    Added CWE NIST CWE-200
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:* versions up to (excluding) milanpi-sp3_1.0.0.5 OR cpe:2.3:h:amd:epyc_7003:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7001_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7001:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7002_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7002:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7232p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7251_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7251:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7252_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7261_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7261:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7262_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7272_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7281_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7281:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7282_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7301_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7301:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7302_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7302p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7351_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7351:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7351p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7351p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7352_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7371_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7371:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7401_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7401:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7401p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7401p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7402_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7402p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7451_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7451:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7452_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7501_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7501:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7502_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7502p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7532_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7542_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7551_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7551:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7551p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7551p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7552_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7601_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7601:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7642_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7662_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7702_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7702p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7742_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7f32_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7f52_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7f72_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_7h12_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_7h12:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_3101_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_3101:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_3151_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_3151:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_3201_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_3201:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_3251_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_3251:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_3255_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_3255:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_3351_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_3351:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_3451_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_3451:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7232p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7232p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7251_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7251:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7252_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7252:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7261_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7261:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7262_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7262:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7272_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7272:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7281_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7281:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7282_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7282:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7301_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7301:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7302_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7302:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7302p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7302p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7351_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7351:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7352_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7352:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_735p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_735p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7371_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7371:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7401_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7401:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7402_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7402:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7402p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7402p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_740p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_740p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7451_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7451:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7452_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7452:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7501_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7501:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7502_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7502:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7502p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7502p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7532_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7532:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7542_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7542:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7551_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7551:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7552_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7552:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_755p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_755p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7601_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7601:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7642_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7642:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7662_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7662:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7702_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7702:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7702p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7702p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7742_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7742:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7f32_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7f32:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7f52_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7f52:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7f72_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7f72:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:amd:epyc_embedded_7h12_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:amd:epyc_embedded_7h12:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2020-12966 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2020-12966 weaknesses.

CAPEC-13: Subverting Environment Variable Values Subverting Environment Variable Values CAPEC-22: Exploiting Trust in Client Exploiting Trust in Client CAPEC-59: Session Credential Falsification through Prediction Session Credential Falsification through Prediction CAPEC-60: Reusing Session IDs (aka Session Replay) Reusing Session IDs (aka Session Replay) CAPEC-79: Using Slashes in Alternate Encoding Using Slashes in Alternate Encoding CAPEC-116: Excavation Excavation CAPEC-169: Footprinting Footprinting CAPEC-224: Fingerprinting Fingerprinting CAPEC-285: ICMP Echo Request Ping ICMP Echo Request Ping CAPEC-287: TCP SYN Scan TCP SYN Scan CAPEC-290: Enumerate Mail Exchange (MX) Records Enumerate Mail Exchange (MX) Records CAPEC-291: DNS Zone Transfers DNS Zone Transfers CAPEC-292: Host Discovery Host Discovery CAPEC-293: Traceroute Route Enumeration Traceroute Route Enumeration CAPEC-294: ICMP Address Mask Request ICMP Address Mask Request CAPEC-295: Timestamp Request Timestamp Request CAPEC-296: ICMP Information Request ICMP Information Request CAPEC-297: TCP ACK Ping TCP ACK Ping CAPEC-298: UDP Ping UDP Ping CAPEC-299: TCP SYN Ping TCP SYN Ping CAPEC-300: Port Scanning Port Scanning CAPEC-301: TCP Connect Scan TCP Connect Scan CAPEC-302: TCP FIN Scan TCP FIN Scan CAPEC-303: TCP Xmas Scan TCP Xmas Scan CAPEC-304: TCP Null Scan TCP Null Scan CAPEC-305: TCP ACK Scan TCP ACK Scan CAPEC-306: TCP Window Scan TCP Window Scan CAPEC-307: TCP RPC Scan TCP RPC Scan CAPEC-308: UDP Scan UDP Scan CAPEC-309: Network Topology Mapping Network Topology Mapping CAPEC-310: Scanning for Vulnerable Software Scanning for Vulnerable Software CAPEC-312: Active OS Fingerprinting Active OS Fingerprinting CAPEC-313: Passive OS Fingerprinting Passive OS Fingerprinting CAPEC-317: IP ID Sequencing Probe IP ID Sequencing Probe CAPEC-318: IP 'ID' Echoed Byte-Order Probe IP 'ID' Echoed Byte-Order Probe CAPEC-319: IP (DF) 'Don't Fragment Bit' Echoing Probe IP (DF) 'Don't Fragment Bit' Echoing Probe CAPEC-320: TCP Timestamp Probe TCP Timestamp Probe CAPEC-321: TCP Sequence Number Probe TCP Sequence Number Probe CAPEC-322: TCP (ISN) Greatest Common Divisor Probe TCP (ISN) Greatest Common Divisor Probe CAPEC-323: TCP (ISN) Counter Rate Probe TCP (ISN) Counter Rate Probe CAPEC-324: TCP (ISN) Sequence Predictability Probe TCP (ISN) Sequence Predictability Probe CAPEC-325: TCP Congestion Control Flag (ECN) Probe TCP Congestion Control Flag (ECN) Probe CAPEC-326: TCP Initial Window Size Probe TCP Initial Window Size Probe CAPEC-327: TCP Options Probe TCP Options Probe CAPEC-328: TCP 'RST' Flag Checksum Probe TCP 'RST' Flag Checksum Probe CAPEC-329: ICMP Error Message Quoting Probe ICMP Error Message Quoting Probe CAPEC-330: ICMP Error Message Echoing Integrity Probe ICMP Error Message Echoing Integrity Probe CAPEC-472: Browser Fingerprinting Browser Fingerprinting CAPEC-497: File Discovery File Discovery CAPEC-508: Shoulder Surfing Shoulder Surfing CAPEC-573: Process Footprinting Process Footprinting CAPEC-574: Services Footprinting Services Footprinting CAPEC-575: Account Footprinting Account Footprinting CAPEC-576: Group Permission Footprinting Group Permission Footprinting CAPEC-577: Owner Footprinting Owner Footprinting CAPEC-616: Establish Rogue Location Establish Rogue Location CAPEC-643: Identify Shared Files/Directories on System Identify Shared Files/Directories on System CAPEC-646: Peripheral Footprinting Peripheral Footprinting CAPEC-651: Eavesdropping Eavesdropping
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.04 }} 0.00%

score

0.05635

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability