CVE-2021-0114

CWE-1188 CWE-6654 documents4 sources

Severity

6.7MEDIUM

EPSS

0.1%

top 65.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Core I5 Intel Core I7 Intel Core I9 +27 more

Timeline

PublishedAug 16

Latest updateMay 24

Description

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages31 packages

▶CVEListV5intel(r)_processorsSee references

▶NVDintel/core_i562 versions+61

▶NVDintel/core_i7102 versions+101

▶NVDintel/core_i96 versions+5

▶NVDintel/xeon_e345 versions+44

🔴Vulnerability Details

GHSA

GHSA-xcg6-8prp-mxmv: Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege v↗2022-05-24

▶

CVEList

CVE-2021-0114: Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via l↗2021-08-16

▶

📋Vendor Advisories

Chrome

Stable Channel Update for Desktop: CVE-2022-0112↗2022-01-04

▶