CVE-2021-0185 In early Intel Server Board M10JNP Family firmware, improper input validation may allow a privileged user to enable an escalation of privilege.

Intel has published a software update to resolve this issue. Vulnerable releases - Intel® Server Board DX3650, DX3650M, DX3670, DX3670M, DX3690, DX3690M, DX3700, DX3700M, DX3770, DX3770M, DX3790, DX3790M, DX3800, DX3870, DX3870M, DX4000, DX4000M, DX4100, DX4100M, DX4200, DX4200M, DX4300, DX4300M, DX4350, DX4350M, The DX series of Intel(R) Server Board products (D) before version 7.217.1, (X) before 7.217.1, M10JNP Family before version 7.216, M10JNP Family before version 7.217.1, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family before version 7.216, M10JNP Family

Symptoms

The Intel® Server Board DX3650, DX3650M, DX3670, DX3670M, DX3690, DX3690M, DX3700, DX3700M, DX3770, DX3770M, DX3790, DX3790M,DX3800 & P6 Family are susceptible to a security vulnerability (CVE-2021-0185) that can result in unauthorized access to the system memory of the vulnerable platform.
Intel has released updated firmware for the following processors:
Vulnerable product releases - Intel(R) Pentium(R) 4 Processor 3.06GHz - 3.2GHz
Intel(R) Pentium(R) M processor 1.60GHz - 2.13GHz
Intel(R) Celeron(R) M processor 750MHz - 1.86GHz
All versions of these processors are affected by this vulnerability.

CORE IMPACT

A vulnerability has been identified in the Intel® Server Board DX3650, DX3650M, DX3670, DX3670M, DX3690, DX3690M, DX3700, DX3700M, DX3770, DX3770M, DX3790, and many others. The vulnerability could allow an attacker to execute code on the system without authentication. Intel is not aware of any exploits of this vulnerability at this time.

Intel Server Board D530/D531/D3550 /D3551/D3570

Intel has published a software update to resolve this issue. Vulnerable releases - Intel® Server Board D530, D531, D3550, D3551, D3570, M10e Family before version 7.216

Timeline

Published on: 11/10/2022 23:15:00 UTC
Last modified on: 11/16/2022 15:10:00 UTC

References