Improper Access Control in Intel Processors Firmware
CVE-2021-0124

6.6MEDIUM

Key Information:

Vendor: Netapp
Status: Intel(r) Processors
Vendor: CVE Published:; 9 February 2022

What is CVE-2021-0124?

An improper access control vulnerability exists in the firmware of specific Intel processors, potentially allowing a privileged user with physical access to exploit the issue and escalate privileges. This scenario poses significant risks if leveraged within sensitive environments, as it may enable unauthorized actions and compromise system integrity.

Affected Version(s)

Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220210-0007/

x_refsource_CONFIRM

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 9, 2022
Vulnerability Reserved
Oct 22, 2020

Netapp

What is CVE-2021-0124?

Affected Version(s)

References

CVSS V3.1

Timeline