Input Validation Flaw in Firmware for Intel Processors
CVE-2021-0156

7.8HIGH

Key Information:

Vendor: Netapp
Status: Intel(r) Processors
Vendor: CVE Published:; 9 February 2022

Summary

An improper input validation flaw exists within the firmware of certain Intel processors. This vulnerability could allow an authenticated user, through local access, to potentially escalate their privileges. Such a scenario poses significant security risks, making it crucial for users and administrators to apply updates and patches as soon as they become available. Visit Intel's advisory for detailed recommendations and mitigations.

Affected Version(s)

Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220210-0007/

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2022
Vulnerability Reserved
Oct 22, 2020