Vulnerability Description
Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Sgx Sdk | <= 2.12 |
| Intel | Xeon Gold 6342 Firmware | - |
| Intel | Xeon Gold 6342 | - |
| Intel | Xeon Gold 6346 Firmware | - |
| Intel | Xeon Gold 6346 | - |
| Intel | Xeon Gold 6330 Firmware | - |
| Intel | Xeon Gold 6330 | - |
| Intel | Xeon Platinum 8360Y Firmware | - |
| Intel | Xeon Platinum 8360Y | - |
| Intel | Xeon Gold 6354 Firmware | - |
| Intel | Xeon Gold 6354 | - |
| Intel | Xeon Gold 6314U Firmware | - |
| Intel | Xeon Gold 6314U | - |
| Intel | Xeon Gold 6338N Firmware | - |
| Intel | Xeon Gold 6338N | - |
| Intel | Xeon Silver 4314 Firmware | - |
| Intel | Xeon Silver 4314 | - |
| Intel | Xeon Silver 4316 Firmware | - |
| Intel | Xeon Silver 4316 | - |
| Intel | Xeon Gold 5318Y Firmware | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.Vendor Advisory
FAQ
What is CVE-2021-0186?
CVE-2021-0186 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access.
How severe is CVE-2021-0186?
CVE-2021-0186 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-0186?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Sgx Sdk, Intel Xeon Gold 6342 Firmware, Intel Xeon Gold 6342, Intel Xeon Gold 6346 Firmware, Intel Xeon Gold 6346.