Intel BSSA DFT initialization [CVE-2021-0144]

A potential security vulnerability in the customer build time configuration for the Intel BIOS Shared SW Architecture (BSSA) Design for Test (DFT) feature may allow escalation of privilege.  Intel is releasing detailed guidance to address this potential vulnerability.

Description:

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.

CVE-ID CVE-2021-0144
Impact of vulnerability: Escalation of Privilege
CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity rating: Critical
Risk Score 7.5
Remote Access  Required 

Affected Products:

  • 2nd Generation Intel® Xeon® Scalable Processors
  • Intel® Xeon® Scalable Processors
  • Intel® Core™ X-series Processors
  • Intel® Xeon® Processor W Family
  • Intel® Xeon® Processor D Family
  • Intel® Xeon® Processor E5 v4 Family
  • Intel® Xeon® Processor E5 v3 Family

Mitigation:

Intel recommends that users of the potentially affected products update to the latest BIOS firmware version provided by the system manufacturer that addresses these issues.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

Description zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db)

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery in URL Mapper in Arctic Security’s Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with