Intel Security CenterINTEL:INTEL-SA-006862022.2 IPU – BIOS Advisory
EPSS
Percentile
12.6%
Summary:
A potential security vulnerability in the BIOS firmware for some Intel® Processors may allow escalation of privilege. Intel is releasing BIOS updates to mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2021-33060
Description: Out-of-bounds write in the BIOS firmware for some Intel® Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.8 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected Products:
Product Collection
|
Vertical Segment
|
CPU ID
|
Platform ID
|
CVE ID
—|—|—|—|—
3rd Generation Intel® Xeon® Scalable Processor Family
|
Server
|
5065B
|
5065B
|
CVE-2021-33060
3rd Generation Intel® Xeon® Scalable Processor Family
|
Server
|
606A0
606A4
606A6
|
0x87
Recommendations:
Intel recommends that users of Intel® Processors update to the latest version provided by the system manufacturer that addresses these issues.__
Acknowledgements:
Intel would like to thank Dmitry Frolov for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
Related
