NetApp Solidfire Bios

Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04.04.033.0, SPS_E5_04.04.03.281.0, SPS_E5_03.01.03.116.0, SPS_E3_05.01.04.309.0, SPS_02.04.00.101.0, SPS_SoC-A_05.00.03.114.0, SPS_SoC-X_04.00.04.326.0, SPS_SoC-X_03.00.03.117.0, IGN_E5_91.00.00.167.0, SPS_PHI_03.01.03.078.0 may

CVE-2021-0060 6.6 - Medium - February 09, 2022

Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04.04.033.0, SPS_E5_04.04.03.281.0, SPS_E5_03.01.03.116.0, SPS_E3_05.01.04.309.0, SPS_02.04.00.101.0, SPS_SoC-A_05.00.03.114.0, SPS_SoC-X_04.00.04.326.0, SPS_SoC-X_03.00.03.117.0, IGN_E5_91.00.00.167.0, SPS_PHI_03.01.03.078.0 may allow an authenticated user to potentially enable escalation of privilege via physical access.

Observable timing discrepancy in some Intel(R) Processors may

CVE-2020-24512 3.3 - Low - June 09, 2021

Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Side Channel Attack

Improper isolation of shared resources in some Intel(R) Processors may

CVE-2020-24511 6.5 - Medium - June 09, 2021

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Exposure of Resource to Wrong Sphere

Race condition in the firmware for some Intel(R) Processors may

CVE-2020-8670 6.4 - Medium - June 09, 2021

Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Race Condition

Improper input validation in the firmware for some Intel(R) Processors may

CVE-2020-24486 5.5 - Medium - June 09, 2021

Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.

Improper Input Validation

Out of bounds read in the firmware for some Intel(R) Processors may

CVE-2020-12360 7.8 - High - June 09, 2021

Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Out-of-bounds Read

Out of bounds write in the firmware for some Intel(R) Processors may

CVE-2020-12358 4.4 - Medium - June 09, 2021

Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.

Memory Corruption

Improper initialization in the firmware for some Intel(R) Processors may

CVE-2020-12357 6.7 - Medium - June 09, 2021

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Initialization

Improper input validation in the firmware for some Intel(R) Processors may

CVE-2020-8700 6.7 - Medium - June 09, 2021

Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Input Validation

Insufficient control flow management in the firmware for some Intel(R) Processors may

CVE-2020-12359 6.8 - Medium - June 09, 2021

Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may

CVE-2020-8738 6.7 - Medium - November 12, 2020

Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Check for Unusual or Exceptional Conditions