Strix
26.1K

CVE-2021-0146

MEDIUMCVSS 6.8/10EPSS 0.41%

Last modified

CVE-2021-0146 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.

Description

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Metrics

CVSS 3.1
6.8/10

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.41%

32.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
IntelPentium J6426 FirmwareAll versions
IntelPentium J4205 FirmwareAll versions
IntelPentium J3710 FirmwareAll versions
IntelPentium J2900 FirmwareAll versions
IntelPentium J2850 FirmwareAll versions
IntelCeleron J6412 FirmwareAll versions
IntelCeleron J6413 FirmwareAll versions
IntelCeleron J4125 FirmwareAll versions
IntelCeleron J4025 FirmwareAll versions
IntelCeleron J3355e FirmwareAll versions
IntelCeleron J3455e FirmwareAll versions
IntelCeleron J4105 FirmwareAll versions
IntelCeleron J4005 FirmwareAll versions
IntelCeleron J3455 FirmwareAll versions
IntelCeleron J3355 FirmwareAll versions
IntelCeleron J3160 FirmwareAll versions
IntelCeleron J3060 FirmwareAll versions
IntelCeleron J1800 FirmwareAll versions
IntelCeleron J1900 FirmwareAll versions
IntelCeleron J1850 FirmwareAll versions
IntelCeleron J1750 FirmwareAll versions
IntelCeleron N6210 FirmwareAll versions
IntelCeleron N4505 FirmwareAll versions
IntelCeleron N4500 FirmwareAll versions
IntelCeleron N5105 FirmwareAll versions
IntelCeleron N5100 FirmwareAll versions
IntelCeleron N6211 FirmwareAll versions
IntelCeleron N4120 FirmwareAll versions
IntelCeleron N4020 FirmwareAll versions
IntelCeleron N3350e FirmwareAll versions
IntelCeleron N4000 FirmwareAll versions
IntelCeleron N4100 FirmwareAll versions
IntelCeleron N3350 FirmwareAll versions
IntelCeleron N3450 FirmwareAll versions
IntelCeleron N3060 FirmwareAll versions
IntelCeleron N3160 FirmwareAll versions
IntelCeleron N3010 FirmwareAll versions
IntelCeleron N3000 FirmwareAll versions
IntelCeleron N3050 FirmwareAll versions
IntelCeleron N3150 FirmwareAll versions
IntelCeleron N2808 FirmwareAll versions
IntelCeleron N2840 FirmwareAll versions
IntelCeleron N2940 FirmwareAll versions
IntelCeleron N2807 FirmwareAll versions
IntelCeleron N2830 FirmwareAll versions
IntelCeleron N2930 FirmwareAll versions
IntelCeleron N2806 FirmwareAll versions
IntelCeleron N2920 FirmwareAll versions
IntelCeleron N2820 FirmwareAll versions
IntelCeleron N2815 FirmwareAll versions

Showing 50 of 72 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-0146?
Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
How severe is CVE-2021-0146?
CVE-2021-0146 has a CVSS score of 6.8/10 (MEDIUM severity). The EPSS model estimates a 0.41% probability of exploitation in the next 30 days.
How do I fix CVE-2021-0146?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-0146?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST