Intel Processors privilege escalation | CVE-2021-33123
NAME
Intel Processors privilege escalation
- Platforms Affected:
Intel Xeon Processor D Family
Intel Xeon Processor E5 v4 Family
Intel Xeon Processor E7 v4 Family
Intel Xeon Processor E3 v5 Family
Intel Xeon Processor E3 v6 Family
Intel 8th Generation Intel Core Processors
Intel Xeon Processor E Family
Intel Core X-series Processors
Intel 2nd Generation Intel Xeon Scalable Processors
Intel 10th Generation Intel Core processors
Intel Xeon Processor W Family
Intel 3rd Generation Intel Xeon Scalable Processor Family
Intel Rocket Lake Xeon
Intel 9th Generation Intel Core Processor Family - Risk Level:
8.2 - Exploitability:
Unproven - Consequences:
Gain Privileges
DESCRIPTION
Intel Processors could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper access control in the BIOS firmware. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS 3.0 Information
- Privileges Required: High
- User Interaction: None
- Scope: Changed
- Access Vector: Local
- Access Complexity: Low
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
- Remediation Level: Official Fix
MITIGATION
Refer to INTEL-SA-00601 for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html - Reference Link:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33123
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.
