7.8

CVE-2021-0188

Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Data is provided by the National Vulnerability Database (NVD)
IntelXeon E3-1558l V5 Firmware Version-
   IntelXeon E3-1558l V5 Version-
IntelXeon E3-1565l V5 Firmware Version-
   IntelXeon E3-1565l V5 Version-
IntelXeon E3-1578l V5 Firmware Version-
   IntelXeon E3-1578l V5 Version-
IntelXeon E3-1585 V5 Firmware Version-
   IntelXeon E3-1585 V5 Version-
IntelXeon E3-1585l V5 Firmware Version-
   IntelXeon E3-1585l V5 Version-
IntelXeon E3-1515m V5 Firmware Version-
   IntelXeon E3-1515m V5 Version-
IntelXeon E3-1545m V5 Firmware Version-
   IntelXeon E3-1545m V5 Version-
IntelXeon E3-1575m V5 Firmware Version-
   IntelXeon E3-1575m V5 Version-
IntelXeon E3-1220 V5 Firmware Version-
   IntelXeon E3-1220 V5 Version-
IntelXeon E3-1225 V5 Firmware Version-
   IntelXeon E3-1225 V5 Version-
IntelXeon E3-1230 V5 Firmware Version-
   IntelXeon E3-1230 V5 Version-
IntelXeon E3-1235l V5 Firmware Version-
   IntelXeon E3-1235l V5 Version-
IntelXeon E3-1240 V5 Firmware Version-
   IntelXeon E3-1240 V5 Version-
IntelXeon E3-1240l V5 Firmware Version-
   IntelXeon E3-1240l V5 Version-
IntelXeon E3-1245 V5 Firmware Version-
   IntelXeon E3-1245 V5 Version-
IntelXeon E3-1260l V5 Firmware Version-
   IntelXeon E3-1260l V5 Version-
IntelXeon E3-1268l V5 Firmware Version-
   IntelXeon E3-1268l V5 Version-
IntelXeon E3-1270 V5 Firmware Version-
   IntelXeon E3-1270 V5 Version-
IntelXeon E3-1275 V5 Firmware Version-
   IntelXeon E3-1275 V5 Version-
IntelXeon E3-1280 V5 Firmware Version-
   IntelXeon E3-1280 V5 Version-
IntelXeon E3-1505l V5 Firmware Version-
   IntelXeon E3-1505l V5 Version-
IntelXeon E3-1505m V5 Firmware Version-
   IntelXeon E3-1505m V5 Version-
IntelXeon E3-1535m V5 Firmware Version-
   IntelXeon E3-1535m V5 Version-
IntelXeon E3-1285 V6 Firmware Version-
   IntelXeon E3-1285 V6 Version-
IntelXeon E3-1501l V6 Firmware Version-
   IntelXeon E3-1501l V6 Version-
IntelXeon E3-1501m V6 Firmware Version-
   IntelXeon E3-1501m V6 Version-
IntelXeon E3-1220 V6 Firmware Version-
   IntelXeon E3-1220 V6 Version-
IntelXeon E3-1225 V6 Firmware Version-
   IntelXeon E3-1225 V6 Version-
IntelXeon E3-1230 V6 Firmware Version-
   IntelXeon E3-1230 V6 Version-
IntelXeon E3-1240 V6 Firmware Version-
   IntelXeon E3-1240 V6 Version-
IntelXeon E3-1245 V6 Firmware Version-
   IntelXeon E3-1245 V6 Version-
IntelXeon E3-1270 V6 Firmware Version-
   IntelXeon E3-1270 V6 Version-
IntelXeon E3-1275 V6 Firmware Version-
   IntelXeon E3-1275 V6 Version-
IntelXeon E3-1280 V6 Firmware Version-
   IntelXeon E3-1280 V6 Version-
IntelXeon E3-1505l V6 Firmware Version-
   IntelXeon E3-1505l V6 Version-
IntelXeon E3-1505m V6 Firmware Version-
   IntelXeon E3-1505m V6 Version-
IntelXeon E3-1535m V6 Firmware Version-
   IntelXeon E3-1535m V6 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.13% 0.337
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.