CVE-2021-0188

EUVD-2021-2807
Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
intelxeon_e3-1558l_v5_firmware
-
intelxeon_e3-1565l_v5_firmware
-
intelxeon_e3-1578l_v5_firmware
-
intelxeon_e3-1585_v5_firmware
-
intelxeon_e3-1585l_v5_firmware
-
intelxeon_e3-1515m_v5_firmware
-
intelxeon_e3-1545m_v5_firmware
-
intelxeon_e3-1575m_v5_firmware
-
intelxeon_e3-1220_v5_firmware
-
intelxeon_e3-1225_v5_firmware
-
intelxeon_e3-1230_v5_firmware
-
intelxeon_e3-1235l_v5_firmware
-
intelxeon_e3-1240_v5_firmware
-
intelxeon_e3-1240l_v5_firmware
-
intelxeon_e3-1245_v5_firmware
-
intelxeon_e3-1260l_v5_firmware
-
intelxeon_e3-1268l_v5_firmware
-
intelxeon_e3-1270_v5_firmware
-
intelxeon_e3-1275_v5_firmware
-
intelxeon_e3-1280_v5_firmware
-
intelxeon_e3-1505l_v5_firmware
-
intelxeon_e3-1505m_v5_firmware
-
intelxeon_e3-1535m_v5_firmware
-
intelxeon_e3-1285_v6_firmware
-
intelxeon_e3-1501l_v6_firmware
-
intelxeon_e3-1501m_v6_firmware
-
intelxeon_e3-1220_v6_firmware
-
intelxeon_e3-1225_v6_firmware
-
intelxeon_e3-1230_v6_firmware
-
intelxeon_e3-1240_v6_firmware
-
intelxeon_e3-1245_v6_firmware
-
intelxeon_e3-1270_v6_firmware
-
intelxeon_e3-1275_v6_firmware
-
intelxeon_e3-1280_v6_firmware
-
intelxeon_e3-1505l_v6_firmware
-
intelxeon_e3-1505m_v6_firmware
-
intelxeon_e3-1535m_v6_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.netapp.com/advisory/ntap-20220818-0003/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html
https://security.netapp.com/advisory/ntap-20220818-0003/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html