F5F5:K08173228K08173228 : Multiple Intel CPU vulnerabilities
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.1 Medium
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
10.2%
Security Advisory Description
Improper access control in the firmware for some Intel® Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.
Improper access control in the firmware for some Intel® Processors may allow a privileged user to potentially enable a denial of service via local access.
Incorrect default permissions in the firmware for some Intel® Processors may allow a privileged user to potentially enable a denial of service via local access.
Insufficient control flow management in the firmware for some Intel® Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.
Insufficient control flow management in the firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
Unchecked return value in the firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
NULL pointer dereference in the firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
Unchecked return value in the firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
Buffer overflow in the firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Out-of-bounds write in the firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
Pointer issues in the firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
Out-of-bounds read in the firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
Improper initialization in the firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
Improper access control in the firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
Improper initialization in the firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
Improper input validation in the firmware for some Intel® Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.
Impact
An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The following platforms are vulnerable:
- VELOS CX410
- VELOS BX110 Blade
For more information, refer to K86001294: F5OS hardware/software support matrix.
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.1 Medium
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
10.2%