Improper Access Control in Intel Processors Firmware
CVE-2021-0124

6.6MEDIUM

Key Information:

Vendor: Netapp
Status: Intel(r) Processors
Vendor: CVE Published:; 9 February 2022

Summary

An improper access control vulnerability exists in the firmware of specific Intel processors, potentially allowing a privileged user with physical access to exploit the issue and escalate privileges. This scenario poses significant risks if leveraged within sensitive environments, as it may enable unauthorized actions and compromise system integrity.

Affected Version(s)

Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220210-0007/

x_refsource_CONFIRM

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2022
Vulnerability Reserved
Oct 22, 2020