CVE-2021-0107

high-risk

Published 2022-02-09

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Do I need to act?

0.26% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.7/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Xeon Gold 6212U

Xeon Gold 6222V

Xeon Gold 6226

Xeon Gold 6226R

Xeon Gold 6230

Xeon Gold 6230N

Xeon Gold 6230R

Xeon Gold 6230T

Xeon Gold 6234

Xeon Gold 6238

Xeon Gold 6238L

Xeon Gold 6238R

Xeon Gold 6238T

Xeon Gold 6240

Xeon Gold 6240L

Xeon Gold 6240R

Xeon Gold 6240Y

Xeon Gold 6242

Xeon Gold 6242R

Xeon Gold 6244

Affected Vendors

Intel Netapp

References (4)

Third Party Advisory https://security.netapp.com/advisory/ntap-20220210-0007/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527....

Third Party Advisory https://security.netapp.com/advisory/ntap-20220210-0007/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527....

/ 100

high-risk

Severity 21/34 · High

Exploitability 1/34 · Minimal

Exposure 33/34 · Critical