Vulnerability Name:

CVE-2021-0190 (CCN-226133)

Assigned:2020-10-22
Published:2022-05-10
Updated:2022-10-26
Summary:Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
7.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-755
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2021-0190

Source: XF
Type: UNKNOWN
intel-cve20210190-priv-esc(226133)

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20220818-0003/

Source: CCN
Type: INTEL-SA-00601
2022.1 IPU - BIOS Advisory

Source: MISC
Type: Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html

Vulnerable Configuration:Configuration 1:
  • cpe:/o:intel:core_i9-10900x_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:core_i9-10900x:-:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:intel:core_i9-10920x_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:core_i9-10920x:-:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/o:intel:core_i9-10940x_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:core_i9-10940x:-:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/o:intel:core_i9-10980xe_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:core_i9-10980xe:-:*:*:*:*:*:*:*

  • Configuration 5:
  • cpe:/o:intel:xeon_e5-1603_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-1603_v4:-:*:*:*:*:*:*:*

  • Configuration 6:
  • cpe:/o:intel:xeon_e5-1607_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-1607_v4:-:*:*:*:*:*:*:*

  • Configuration 7:
  • cpe:/o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*

  • Configuration 8:
  • cpe:/o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*

  • Configuration 9:
  • cpe:/o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*

  • Configuration 10:
  • cpe:/o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*

  • Configuration 11:
  • cpe:/o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*

  • Configuration 12:
  • cpe:/o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*

  • Configuration 13:
  • cpe:/o:intel:xeon_e5-2608l_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*

  • Configuration 14:
  • cpe:/o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*

  • Configuration 15:
  • cpe:/o:intel:xeon_e5-2618l_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*

  • Configuration 16:
  • cpe:/o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*

  • Configuration 17:
  • cpe:/o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*

  • Configuration 18:
  • cpe:/o:intel:xeon_e5-2628l_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*

  • Configuration 19:
  • cpe:/o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*

  • Configuration 20:
  • cpe:/o:intel:xeon_e5-2630l_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*

  • Configuration 21:
  • cpe:/o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*

  • Configuration 22:
  • cpe:/o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*

  • Configuration 23:
  • cpe:/o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*

  • Configuration 24:
  • cpe:/o:intel:xeon_e5-2648l_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*

  • Configuration 25:
  • cpe:/o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*

  • Configuration 26:
  • cpe:/o:intel:xeon_e5-2650l_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*

  • Configuration 27:
  • cpe:/o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*

  • Configuration 28:
  • cpe:/o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*

  • Configuration 29:
  • cpe:/o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*

  • Configuration 30:
  • cpe:/o:intel:xeon_e5-2679_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2679_v4:-:*:*:*:*:*:*:*

  • Configuration 31:
  • cpe:/o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*

  • Configuration 32:
  • cpe:/o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*

  • Configuration 33:
  • cpe:/o:intel:xeon_e5-2687w_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*

  • Configuration 34:
  • cpe:/o:intel:xeon_e5-2689_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2689_v4:-:*:*:*:*:*:*:*

  • Configuration 35:
  • cpe:/o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*

  • Configuration 36:
  • cpe:/o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*

  • Configuration 37:
  • cpe:/o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*

  • Configuration 38:
  • cpe:/o:intel:xeon_e5-2697a_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*

  • Configuration 39:
  • cpe:/o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*

  • Configuration 40:
  • cpe:/o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*

  • Configuration 41:
  • cpe:/o:intel:xeon_e5-2699a_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*

  • Configuration 42:
  • cpe:/o:intel:xeon_e5-2699r_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-2699r_v4:-:*:*:*:*:*:*:*

  • Configuration 43:
  • cpe:/o:intel:xeon_e5-4610_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4610_v4:-:*:*:*:*:*:*:*

  • Configuration 44:
  • cpe:/o:intel:xeon_e5-4610a_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4610a_v4:-:*:*:*:*:*:*:*

  • Configuration 45:
  • cpe:/o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*

  • Configuration 46:
  • cpe:/o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*

  • Configuration 47:
  • cpe:/o:intel:xeon_e5-4628l_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*

  • Configuration 48:
  • cpe:/o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*

  • Configuration 49:
  • cpe:/o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*

  • Configuration 50:
  • cpe:/o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*

  • Configuration 51:
  • cpe:/o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*

  • Configuration 52:
  • cpe:/o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*

  • Configuration 53:
  • cpe:/o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    intel core i9-10900x firmware -
    intel core i9-10900x -
    intel core i9-10920x firmware -
    intel core i9-10920x -
    intel core i9-10940x firmware -
    intel core i9-10940x -
    intel core i9-10980xe firmware -
    intel core i9-10980xe -
    intel xeon e5-1603 v4 firmware -
    intel xeon e5-1603 v4 -
    intel xeon e5-1607 v4 firmware -
    intel xeon e5-1607 v4 -
    intel xeon e5-1620 v4 firmware -
    intel xeon e5-1620 v4 -
    intel xeon e5-1630 v4 firmware -
    intel xeon e5-1630 v4 -
    intel xeon e5-1650 v4 firmware -
    intel xeon e5-1650 v4 -
    intel xeon e5-1660 v4 firmware -
    intel xeon e5-1660 v4 -
    intel xeon e5-1680 v4 firmware -
    intel xeon e5-1680 v4 -
    intel xeon e5-2603 v4 firmware -
    intel xeon e5-2603 v4 -
    intel xeon e5-2608l v4 firmware -
    intel xeon e5-2608l v4 -
    intel xeon e5-2609 v4 firmware -
    intel xeon e5-2609 v4 -
    intel xeon e5-2618l v4 firmware -
    intel xeon e5-2618l v4 -
    intel xeon e5-2620 v4 firmware -
    intel xeon e5-2620 v4 -
    intel xeon e5-2623 v4 firmware -
    intel xeon e5-2623 v4 -
    intel xeon e5-2628l v4 firmware -
    intel xeon e5-2628l v4 -
    intel xeon e5-2630 v4 firmware -
    intel xeon e5-2630 v4 -
    intel xeon e5-2630l v4 firmware -
    intel xeon e5-2630l v4 -
    intel xeon e5-2637 v4 firmware -
    intel xeon e5-2637 v4 -
    intel xeon e5-2640 v4 firmware -
    intel xeon e5-2640 v4 -
    intel xeon e5-2643 v4 firmware -
    intel xeon e5-2643 v4 -
    intel xeon e5-2648l v4 firmware -
    intel xeon e5-2648l v4 -
    intel xeon e5-2650 v4 firmware -
    intel xeon e5-2650 v4 -
    intel xeon e5-2650l v4 firmware -
    intel xeon e5-2650l v4 -
    intel xeon e5-2658 v4 firmware -
    intel xeon e5-2658 v4 -
    intel xeon e5-2660 v4 firmware -
    intel xeon e5-2660 v4 -
    intel xeon e5-2667 v4 firmware -
    intel xeon e5-2667 v4 -
    intel xeon e5-2679 v4 firmware -
    intel xeon e5-2679 v4 -
    intel xeon e5-2680 v4 firmware -
    intel xeon e5-2680 v4 -
    intel xeon e5-2683 v4 firmware -
    intel xeon e5-2683 v4 -
    intel xeon e5-2687w v4 firmware -
    intel xeon e5-2687w v4 -
    intel xeon e5-2689 v4 firmware -
    intel xeon e5-2689 v4 -
    intel xeon e5-2690 v4 firmware -
    intel xeon e5-2690 v4 -
    intel xeon e5-2695 v4 firmware -
    intel xeon e5-2695 v4 -
    intel xeon e5-2697 v4 firmware -
    intel xeon e5-2697 v4 -
    intel xeon e5-2697a v4 firmware -
    intel xeon e5-2697a v4 -
    intel xeon e5-2698 v4 firmware -
    intel xeon e5-2698 v4 -
    intel xeon e5-2699 v4 firmware -
    intel xeon e5-2699 v4 -
    intel xeon e5-2699a v4 firmware -
    intel xeon e5-2699a v4 -
    intel xeon e5-2699r v4 firmware -
    intel xeon e5-2699r v4 -
    intel xeon e5-4610 v4 firmware -
    intel xeon e5-4610 v4 -
    intel xeon e5-4610a v4 firmware -
    intel xeon e5-4610a v4 -
    intel xeon e5-4620 v4 firmware -
    intel xeon e5-4620 v4 -
    intel xeon e5-4627 v4 firmware -
    intel xeon e5-4627 v4 -
    intel xeon e5-4628l v4 firmware -
    intel xeon e5-4628l v4 -
    intel xeon e5-4640 v4 firmware -
    intel xeon e5-4640 v4 -
    intel xeon e5-4650 v4 firmware -
    intel xeon e5-4650 v4 -
    intel xeon e5-4655 v4 firmware -
    intel xeon e5-4655 v4 -
    intel xeon e5-4660 v4 firmware -
    intel xeon e5-4660 v4 -
    intel xeon e5-4667 v4 firmware -
    intel xeon e5-4667 v4 -
    intel xeon e5-4669 v4 firmware -
    intel xeon e5-4669 v4 -