CVE-2021-0187

moderate-risk
Published 2023-02-16

Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

Do I need to act?

-
0.05% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.2/10 Low
LOCAL / LOW complexity

Affected Products (20)

Xeon Gold 6342 Firmware
Xeon Gold 6346 Firmware
Xeon Gold 6330 Firmware
Xeon Platinum 8360Y Firmware
Xeon Gold 6354 Firmware
Xeon Gold 6314U Firmware
Xeon Gold 6338N Firmware
Xeon Silver 4314 Firmware
Xeon Silver 4316 Firmware
Xeon Gold 5318Y Firmware
Xeon Gold 5317 Firmware
Xeon Gold 6334 Firmware
Xeon Gold 6326 Firmware
Xeon Silver 4309Y Firmware
Xeon Gold 6348 Firmware
Xeon Silver 4310 Firmware
Xeon Gold 6338T Firmware
Xeon Gold 5318S Firmware
Xeon Gold 6336Y Firmware
Xeon Gold 5318N Firmware

Affected Vendors

Intel

References (2)

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.h...
Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.h...
38
/ 100
moderate-risk
Severity 12/34 · Low
Exploitability 0/34 · Minimal
Exposure 26/34 · High