Aff Bios Security Vulnerabilities

CVE-2021-33060

Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2021-33117

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local...

CVE-2021-0145

Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...

CVE-2021-0117

Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...

CVE-2021-0119

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical...

CVE-2021-0116

Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...

CVE-2021-0125

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical...

CVE-2021-0115

Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2021-0124

Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical...

CVE-2021-0118

Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...

CVE-2021-0156

Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local...

CVE-2021-0093

Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local...

CVE-2021-0092

Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local...

CVE-2021-0111

NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...

CVE-2021-0107

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2021-0103

Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...

CVE-2021-0099

Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local...

CVE-2021-0091

Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local...

CVE-2021-33625

An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel...

CVE-2020-8700

Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2020-8670

Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2020-12359

Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical...

CVE-2020-12357

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2020-12360

Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2020-12358

Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local...

CVE-2020-24486

Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local...

CVE-2020-24511

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...

CVE-2020-24512

Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...

CVE-2020-8764

Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2020-8739

Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2020-8740

Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2020-8738

Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2020-0590

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local...