Improper Input Validation in Intel UEFI Firmware Enables Local Escalation
CVE-2024-21871 Published on September 16, 2024

Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

NVD

Vulnerability Analysis

CVE-2024-21871 can be exploited with local system access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Products Associated with CVE-2024-21871

Want to know whenever a new CVE is published for Intel products? stack.watch will email you.

Intel Xeon E3 1268l V5 Firmware

Intel Celeron G3900te Firmware

Intel Celeron G3900 Firmware

Intel Pentium G4400te Firmware

Intel Pentium G4400 Firmware

Intel Core I3 6100te Firmware

Intel Core I3 6100 Firmware

Intel Core I5 6500te Firmware

Intel Core I5 6500 Firmware

Intel Core I7 6700te Firmware

Intel Core I7 6700 Firmware

Intel Xeon E7 4809 V3 Firmware

Intel Xeon E7 4820 V3 Firmware

Intel Xeon E7 4830 V3 Firmware

Intel Xeon E7 4850 V3 Firmware

Intel Xeon E7 8860 V3 Firmware

Intel Xeon E7 8867 V3 Firmware

Intel Xeon E7 8870 V3 Firmware

Intel Xeon E7 8880 V3 Firmware

Intel Xeon E7 8890 V3 Firmware

Intel Xeon E7 8891 V3 Firmware

Intel Xeon E7 8893 V3 Firmware

Intel Xeon E3 1220 V6 Firmware

Intel Xeon E3 1225 V6 Firmware

Intel Xeon E3 1230 V6 Firmware

Intel Xeon E3 1240 V6 Firmware

Intel Xeon E3 1245 V6 Firmware

Intel Xeon E3 1270 V6 Firmware

Intel Xeon E3 1275 V6 Firmware

Intel Xeon E3 1280 V6 Firmware

Intel Xeon E3 1285 V6 Firmware

Intel Xeon E 2124 Firmware

Intel Xeon E 2134 Firmware

Intel Xeon E 2136 Firmware

Intel Xeon E 2224 Firmware

Intel Xeon E 2234 Firmware

Intel Xeon E 2236 Firmware

Intel Xeon E 2314 Firmware

Intel Xeon E 2334 Firmware

Intel Xeon E 2336 Firmware

Intel Xeon E 2378 Firmware

Intel Core I9 10900x X Series Firmware

Intel Core I9 10920x X Series Firmware

Intel Core I9 10940x X Series Firmware

Intel Xeon E5 1603 V4 Firmware

Intel Xeon E5 1607 V4 Firmware

Intel Xeon E5 1620 V3 Firmware

Intel Xeon E5 1620 V4 Firmware

Intel Xeon E5 1630 V3 Firmware

Intel Xeon E5 1630 V4 Firmware

Intel Xeon E5 1650 V3 Firmware

Intel Xeon E5 1650 V4 Firmware

Intel Xeon E5 1660 V3 Firmware

Intel Xeon E5 1660 V4 Firmware

Intel Xeon E5 1680 V3 Firmware

Intel Xeon E5 1680 V4 Firmware

Intel Xeon E5 2603 V3 Firmware

Intel Xeon E5 2603 V4 Firmware

Intel Xeon E5 2609 V3 Firmware

Intel Xeon E5 2609 V4 Firmware

Intel Xeon E5 2620 V3 Firmware

Intel Xeon E5 2620 V4 Firmware

Intel Xeon E5 2623 V3 Firmware

Intel Xeon E5 2623 V4 Firmware

Intel Xeon E5 2630 V3 Firmware

Intel Xeon E5 2630 V4 Firmware

Intel Xeon E5 2637 V3 Firmware

Intel Xeon E5 2637 V4 Firmware

Intel Xeon E5 2640 V3 Firmware

Intel Xeon E5 2640 V4 Firmware

Intel Xeon E5 2643 V3 Firmware

Intel Xeon E5 2643 V4 Firmware

Intel Xeon E5 2650 V3 Firmware

Intel Xeon E5 2650 V4 Firmware

Intel Xeon E5 2658 V3 Firmware

Intel Xeon E5 2658 V4 Firmware

Intel Xeon E5 2660 V3 Firmware

Intel Xeon E5 2660 V4 Firmware

Intel Xeon E5 2667 V3 Firmware

Intel Xeon E5 2667 V4 Firmware

Intel Xeon E5 2670 V3 Firmware

Intel Xeon E5 2679 V4 Firmware

Intel Xeon E5 2680 V3 Firmware

Intel Xeon E5 2680 V4 Firmware

Intel Xeon E5 2683 V3 Firmware

Intel Xeon E5 2683 V4 Firmware

Intel Xeon E5 2689 V4 Firmware

Intel Xeon E5 2690 V3 Firmware

Intel Xeon E5 2690 V4 Firmware

Intel Xeon E5 2695 V3 Firmware

Intel Xeon E5 2695 V4 Firmware

Intel Xeon E5 2697 V3 Firmware

Intel Xeon E5 2697 V4 Firmware

Intel Xeon E5 2698 V3 Firmware

Intel Xeon E5 2698 V4 Firmware

Intel Xeon E5 2699 V3 Firmware

Intel Xeon E5 2699 V4 Firmware

Intel Xeon E5 4610 V3 Firmware

Intel Xeon E5 4610 V4 Firmware

Intel Xeon E5 4620 V3 Firmware

Intel Xeon E5 4620 V4 Firmware

Intel Xeon E5 4627 V3 Firmware

Intel Xeon E5 4627 V4 Firmware

Intel Xeon E5 4640 V3 Firmware

Intel Xeon E5 4640 V4 Firmware

Intel Xeon E5 4648 V3 Firmware

Intel Xeon E5 4650 V3 Firmware

Intel Xeon E5 4650 V4 Firmware

Intel Xeon E5 4655 V4 Firmware

Intel Xeon E5 4660 V3 Firmware

Intel Xeon E5 4660 V4 Firmware

Intel Xeon E5 4667 V3 Firmware

Intel Xeon E5 4667 V4 Firmware

Intel Xeon E5 4669 V3 Firmware

Intel Xeon E5 4669 V4 Firmware

Intel Xeon Processor D 1513n Firmware

Intel Xeon Processor D 1518 Firmware

Intel Xeon Processor D 1520 Firmware

Intel Xeon Processor D 1521 Firmware

Intel Xeon Processor D 1523n Firmware

Intel Xeon Processor D 1527 Firmware

Intel Xeon Processor D 1528 Firmware

Intel Xeon Processor D 1529 Firmware

Intel Xeon Processor D 1531 Firmware

Intel Xeon Processor D 1533n Firmware

Intel Xeon Processor D 1537 Firmware

Intel Xeon Processor D 1539 Firmware

Intel Xeon Processor D 1540 Firmware

Intel Xeon Processor D 1541 Firmware

Intel Xeon Processor D 1548 Firmware

Intel Xeon Processor D 1553n Firmware

Intel Xeon Processor D 1557 Firmware

Intel Xeon Processor D 1559 Firmware

Intel Xeon Processor D 1567 Firmware

Intel Xeon Processor D 1571 Firmware

Intel Xeon Processor D 1577 Firmware

Intel Xeon D 1581 Firmware

Intel Xeon D 1587 Firmware

Intel Xeon D 1602 Firmware

Intel Xeon D 1612 Firmware

Intel Xeon D 1622 Firmware

Intel Xeon D 1627 Firmware

Intel Xeon D 1632 Firmware

Intel Xeon D 1637 Firmware

Intel Xeon D 1702 Firmware

Intel Xeon D 1714 Firmware

Intel Xeon D 1726 Firmware

Intel Xeon D 1736 Firmware

Intel Xeon D 1739 Firmware

Intel Xeon D 2191 Firmware

Intel Xeon D 2738 Firmware

Intel Xeon D 2779 Firmware

Intel Xeon D 2799 Firmware

Exploit Probability

EPSS

0.07%

Percentile

20.75%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Improper Input Validation in Intel UEFI Firmware Enables Local EscalationCVE-2024-21871 Published on September 16, 2024

Vulnerability Analysis

Weakness Type

Improper Input Validation

Products Associated with CVE-2024-21871

Exploit Probability

Improper Input Validation in Intel UEFI Firmware Enables Local Escalation
CVE-2024-21871 Published on September 16, 2024