Vulnerability Details : CVE-2021-0189
Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.
Vulnerability category: Overflow
Products affected by CVE-2021-0189
- cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_9222_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_9221_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6234_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8890_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8893_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8880_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-4830_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8860_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-4809_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8870_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-4820_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8891_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8867_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-4850_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1230_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1280_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1225_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1240_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1275_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1220_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1270_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1245_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1535m_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1505m_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1565l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1585l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1585_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1558l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1545m_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1575m_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1515m_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1240l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1235l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1280_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1220_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1230_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1245_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1270_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1225_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1260l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1240_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1275_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1268l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1505m_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1535m_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2226g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2234_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2236_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2244g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2274g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2246g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2224_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2224g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2288g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2278g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2286g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2276g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2146g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2176g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2136_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2134_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2144g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2174g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2186g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2126g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6210u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6212u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6209u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1578l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1505l_v5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1505l_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1501l_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1501m_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e3-1285_v6_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2286m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2278gel_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2278ge_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2276ml_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2276me_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2276m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2254ml_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2254me_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2226ge_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2186m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2176m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e7-8894_v4_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5218r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_5220r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6208u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6226r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6230r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6238r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6240r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6242r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6246r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6248r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6250_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6250l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6256_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_6258r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4210r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4210t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4214r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_4215r_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2314_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2324g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2334_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2336_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2356g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2374g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2378_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2378g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2386g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_e-2388g_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-0189
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 10 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-0189
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2021-0189
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-0189
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html
INTEL-SA-00601Vendor Advisory
-
https://security.netapp.com/advisory/ntap-20220818-0003/
Intel SA-00601 BIOS Firmware Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
Jump to