CVE-2021-0103

high-risk

Published 2022-02-09

Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

Do I need to act?

0.26% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.7/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Atom C3308

Atom C3336

Atom C3338

Atom C3338R

Atom C3436L

Atom C3508

Atom C3538

Atom C3558

Atom C3558R

Atom C3708

Atom C3750

Atom C3758

Atom C3758R

Atom C3808

Atom C3830

Atom C3850

Atom C3858

Atom C3950

Atom C3955

Atom C3958

Affected Vendors

Intel Netapp

References (4)

Third Party Advisory https://security.netapp.com/advisory/ntap-20220210-0007/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527....

Third Party Advisory https://security.netapp.com/advisory/ntap-20220210-0007/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527....

/ 100

high-risk

Severity 21/34 · High

Exploitability 1/34 · Minimal

Exposure 33/34 · Critical