Skip to main content

Power9 System Firmware

1 CVEs product

Monthly

CVE-2021-20487 CRITICAL Act Now

IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Jwt Attack Power9 System Firmware Scale Out Lc System Firmware
NVD
CVSS 3.1
9.1
EPSS
0.7%
EPSS 1% CVSS 9.1
CRITICAL Act Now

IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Jwt Attack +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy