Skip to main content

Sgx Sdk CVE-2021-0186

MEDIUM
Improper Input Validation (CWE-20)
2021-11-17 secure@intel.com
Intel Privilege Escalation Sgx Sdk Xeon Gold 6342 Firmware Xeon Gold 6346 Firmware Xeon Gold 6330 Firmware Xeon Platinum 8360Y Firmware Xeon Gold 6354 Firmware Xeon Gold 6314U Firmware Xeon Gold 6338N Firmware Xeon Silver 4314 Firmware Xeon Silver 4316 Firmware Xeon Gold 5318Y Firmware Xeon Gold 5317 Firmware Xeon Gold 6334 Firmware Xeon Gold 6326 Firmware Xeon Silver 4309Y Firmware Xeon Gold 6348 Firmware Xeon Silver 4310 Firmware Xeon Gold 6338T Firmware Xeon Gold 5318S Firmware Xeon Gold 6336Y Firmware Xeon Gold 5318N Firmware Xeon Gold 6312U Firmware Xeon Silver 4310T Firmware Xeon Gold 5320T Firmware Xeon Gold 5320 Firmware Xeon Gold 5315Y Firmware Xeon Platinum 8352M Firmware Xeon Platinum 8362 Firmware Xeon Platinum 8368 Firmware Xeon Platinum 8358 Firmware Xeon Platinum 8352Y Firmware Xeon Gold 6338 Firmware Xeon Gold 6330N Firmware Xeon Platinum 8380 Firmware Xeon Platinum 8351N Firmware Xeon Platinum 8368Q Firmware Xeon Platinum 8352S Firmware Xeon Platinum 8358P Firmware Xeon Platinum 8352V Firmware Xeon Platinum 8360Hl Firmware Xeon Platinum 8360H Firmware Xeon Platinum 8356H Firmware Xeon Gold 6330H Firmware Xeon Platinum 8380H Firmware Xeon Gold 5318H Firmware Xeon Gold 6328H Firmware Xeon Gold 5320H Firmware Xeon Platinum 8353H Firmware Xeon Platinum 8354H Firmware Xeon Gold 6348H Firmware Xeon Platinum 8376H Firmware Xeon Platinum 8376Hl Firmware Xeon Platinum 8380Hl Firmware Xeon Gold 6328Hl Firmware Core I7 10870H Firmware Core I7 10610U Firmware Core I7 10810U Firmware Core I7 1068Ng7 Firmware Core I7 10700Kf Firmware Core I7 10700E Firmware Core I7 10700Te Firmware Core I7 10700K Firmware Core I7 10700F Firmware Core I7 10700 Firmware Core I7 10700T Firmware Core I7 10750H Firmware Core I7 10850H Firmware Core I7 10875H Firmware Core I7 10710U Firmware Core I7 10510Y Firmware Core I7 10510U Firmware Core I7 1060G7 Firmware Core I7 1065G7 Firmware Core I5 10505 Firmware Core I5 10500H Firmware Core I5 10200H Firmware Core I5 10310U Firmware Core I5 1038Ng7 Firmware Core I5 10500 Firmware Core I5 10500E Firmware Core I5 10500Te Firmware Core I5 10600Kf Firmware Core I5 10600K Firmware Core I5 10600T Firmware Core I5 10400F Firmware Core I5 10400T Firmware Core I5 10500T Firmware Core I5 10600 Firmware Core I5 10400 Firmware Core I5 10300H Firmware Core I5 10400H Firmware Core I5 10210U Firmware Core I5 10210Y Firmware Core I5 10310Y Firmware Core I5 1030G4 Firmware Core I5 1030G7 Firmware Core I5 1035G1 Firmware Core I5 1035G7 Firmware Core I5 1035G4 Firmware Core I3 10105F Firmware Core I3 10305T Firmware Core I3 10105 Firmware Core I3 10305 Firmware Core I3 10105T Firmware Core I3 10325 Firmware Core I3 10100Y Firmware Core I3 10100F Firmware Core I3 10300T Firmware Core I3 10100 Firmware Core I3 10100T Firmware Core I3 10300 Firmware Core I3 10320 Firmware Core I3 10100E Firmware Core I3 10100Te Firmware Core I3 10110Y Firmware Core I3 10110U Firmware Core I3 1000G4 Firmware Core I3 1000G1 Firmware Core I3 1005G1 Firmware Core I9 10850K Firmware Core I9 10885H Firmware Core I9 10900T Firmware Core I9 10900 Firmware Core I9 10900F Firmware Core I9 10900Kf Firmware Core I9 10900K Firmware Core I9 10900Te Firmware Core I9 10900E Firmware Core I9 10980Hk Firmware Pentium Silver N6005 Firmware Pentium Silver N6000 Firmware Pentium Silver J5040 Firmware Pentium Silver N5030 Firmware Pentium Silver J5005 Firmware Pentium Silver N5000 Firmware Celeron J6412 Firmware Celeron J6413 Firmware Celeron J4125 Firmware Celeron J4025 Firmware Celeron J3355E Firmware Celeron J3455E Firmware Celeron J4105 Firmware Celeron J4005 Firmware Celeron J3455 Firmware Celeron J3355 Firmware Celeron J3160 Firmware Celeron J3060 Firmware Celeron J1800 Firmware Celeron J1900 Firmware Celeron J1850 Firmware Celeron J1750 Firmware Celeron N6210 Firmware Celeron N4505 Firmware Celeron N4500 Firmware Celeron N5105 Firmware Celeron N5100 Firmware Celeron N6211 Firmware Celeron N4120 Firmware Celeron N4020 Firmware Celeron N3350E Firmware Celeron N4000 Firmware Celeron N4100 Firmware Celeron N3350 Firmware Celeron N3450 Firmware Celeron N3060 Firmware Celeron N3160 Firmware Celeron N3010 Firmware Celeron N3000 Firmware Celeron N3050 Firmware Celeron N3150 Firmware Celeron N2808 Firmware Celeron N2840 Firmware Celeron N2940 Firmware Celeron N2807 Firmware Celeron N2830 Firmware Celeron N2930 Firmware Celeron N2806 Firmware Celeron N2920 Firmware Celeron N2820 Firmware Celeron N2815 Firmware Celeron N2805 Firmware Celeron N2810 Firmware Celeron N2910 Firmware
6.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 17, 2021 - 20:15 nvd
MEDIUM 6.7

DescriptionNVD

Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access.

AnalysisAI

Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access. Affected products include: Intel Sgx Sdk, Intel Xeon Gold 6342 Firmware, Intel Xeon Gold 6346 Firmware, Intel Xeon Gold 6330 Firmware, Intel Xeon Platinum 8360Y Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2021-0186 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy