Intel Bios vulnerabilities

CVE-2021-33117 [MEDIUM] CVE-2021-33117: Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS ver Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

CVE-2018-3612 [HIGH] CWE-20 CVE-2018-3612: Intel NUC kits with insufficient input validation in system firmware, potentially allows a local att Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM).

CVE-2008-7096 [MEDIUM] CWE-264 CVE-2008-7096: Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG3 Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing c

CVE-2008-3900 [LOW] CWE-200 CVE-2008-3900: Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.