Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-33060

Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.8, requiring local system access to exploit with relatively low complexity without requiring user interaction requiring only low-level privileges . The vulnerability impacts confidentiality (data exposure), integrity (unauthorized modifications), and availability (service disruption) for affected systems. Impacting 144 products from intel, from intel, from intel and 141 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2022, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2022-08-18T20:15:09.457

Last Modified

2025-05-05T17:17:05.013

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-787
Type: Secondary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	intel	xeon_gold_5315y_firmware	-	Yes
Hardware	intel	xeon_gold_5315y	-	No
Operating System	intel	xeon_gold_5317_firmware	-	Yes
Hardware	intel	xeon_gold_5317	-	No
Operating System	intel	xeon_gold_5318n_firmware	-	Yes
Hardware	intel	xeon_gold_5318n	-	No
Operating System	intel	xeon_gold_5318s_firmware	-	Yes
Hardware	intel	xeon_gold_5318s	-	No
Operating System	intel	xeon_gold_5318y_firmware	-	Yes
Hardware	intel	xeon_gold_5318y	-	No
Operating System	intel	xeon_gold_5320_firmware	-	Yes
Hardware	intel	xeon_gold_5320	-	No
Operating System	intel	xeon_gold_5320t_firmware	-	Yes
Hardware	intel	xeon_gold_5320t	-	No
Operating System	intel	xeon_gold_6312u_firmware	-	Yes
Hardware	intel	xeon_gold_6312u	-	No
Operating System	intel	xeon_gold_6314u_firmware	-	Yes
Hardware	intel	xeon_gold_6314u	-	No
Operating System	intel	xeon_gold_6326_firmware	-	Yes
Hardware	intel	xeon_gold_6326	-	No
Operating System	intel	xeon_gold_6330_firmware	-	Yes
Hardware	intel	xeon_gold_6330	-	No
Operating System	intel	xeon_gold_6330n_firmware	-	Yes
Hardware	intel	xeon_gold_6330n	-	No
Operating System	intel	xeon_gold_6334_firmware	-	Yes
Hardware	intel	xeon_gold_6334	-	No
Operating System	intel	xeon_gold_6336y_firmware	-	Yes
Hardware	intel	xeon_gold_6336y	-	No
Operating System	intel	xeon_gold_6338_firmware	-	Yes
Hardware	intel	xeon_gold_6338	-	No
Operating System	intel	xeon_gold_6338n_firmware	-	Yes
Hardware	intel	xeon_gold_6338n	-	No
Operating System	intel	xeon_gold_6338t_firmware	-	Yes
Hardware	intel	xeon_gold_6338t	-	No
Operating System	intel	xeon_gold_6342_firmware	-	Yes
Hardware	intel	xeon_gold_6342	-	No
Operating System	intel	xeon_gold_6346_firmware	-	Yes
Hardware	intel	xeon_gold_6346	-	No
Operating System	intel	xeon_gold_6348_firmware	-	Yes
Hardware	intel	xeon_gold_6348	-	No
Operating System	intel	xeon_gold_6354_firmware	-	Yes
Hardware	intel	xeon_gold_6354	-	No
Operating System	intel	xeon_platinum_8351n_firmware	-	Yes
Hardware	intel	xeon_platinum_8351n	-	No
Operating System	intel	xeon_platinum_8352m_firmware	-	Yes
Hardware	intel	xeon_platinum_8352m	-	No
Operating System	intel	xeon_platinum_8352s_firmware	-	Yes
Hardware	intel	xeon_platinum_8352s	-	No
Operating System	intel	xeon_platinum_8352v_firmware	-	Yes
Hardware	intel	xeon_platinum_8352v	-	No
Operating System	intel	xeon_platinum_8352y_firmware	-	Yes
Hardware	intel	xeon_platinum_8352y	-	No
Operating System	intel	xeon_platinum_8358_firmware	-	Yes
Hardware	intel	xeon_platinum_8358	-	No
Operating System	intel	xeon_platinum_8358p_firmware	-	Yes
Hardware	intel	xeon_platinum_8358p	-	No
Operating System	intel	xeon_platinum_8360y_firmware	-	Yes
Hardware	intel	xeon_platinum_8360y	-	No
Operating System	intel	xeon_platinum_8362_firmware	-	Yes
Hardware	intel	xeon_platinum_8362	-	No
Operating System	intel	xeon_platinum_8368_firmware	-	Yes
Hardware	intel	xeon_platinum_8368	-	No
Operating System	intel	xeon_platinum_8368q_firmware	-	Yes
Hardware	intel	xeon_platinum_8368q	-	No
Operating System	intel	xeon_platinum_8380_firmware	-	Yes
Hardware	intel	xeon_platinum_8380	-	No
Operating System	intel	xeon_silver_4309y_firmware	-	Yes
Hardware	intel	xeon_silver_4309y	-	No
Operating System	intel	xeon_silver_4310_firmware	-	Yes
Hardware	intel	xeon_silver_4310	-	No
Operating System	intel	xeon_silver_4310t_firmware	-	Yes
Hardware	intel	xeon_silver_4310t	-	No
Operating System	intel	xeon_silver_4314_firmware	-	Yes
Hardware	intel	xeon_silver_4314	-	No
Operating System	intel	xeon_silver_4316_firmware	-	Yes
Hardware	intel	xeon_silver_4316	-	No
Operating System	intel	xeon_gold_6330h_firmware	-	Yes
Hardware	intel	xeon_gold_6330h	-	No
Operating System	intel	xeon_platinum_8356h_firmware	-	Yes
Hardware	intel	xeon_platinum_8356h	-	No
Operating System	intel	xeon_platinum_8360h_firmware	-	Yes
Hardware	intel	xeon_platinum_8360h	-	No
Operating System	intel	xeon_platinum_8360hl_firmware	-	Yes
Hardware	intel	xeon_platinum_8360hl	-	No
Operating System	intel	xeon_gold_5318h_firmware	-	Yes
Hardware	intel	xeon_gold_5318h	-	No
Operating System	intel	xeon_gold_5320h_firmware	-	Yes
Hardware	intel	xeon_gold_5320h	-	No
Operating System	intel	xeon_gold_6328h_firmware	-	Yes
Hardware	intel	xeon_gold_6328h	-	No
Operating System	intel	xeon_gold_6328hl_firmware	-	Yes
Hardware	intel	xeon_gold_6328hl	-	No
Operating System	intel	xeon_gold_6348h_firmware	-	Yes
Hardware	intel	xeon_gold_6348h	-	No
Operating System	intel	xeon_platinum_8353h_firmware	-	Yes
Hardware	intel	xeon_platinum_8353h	-	No
Operating System	intel	xeon_platinum_8354h_firmware	-	Yes
Hardware	intel	xeon_platinum_8354h	-	No
Operating System	intel	xeon_platinum_8376h_firmware	-	Yes
Hardware	intel	xeon_platinum_8376h	-	No
Operating System	intel	xeon_platinum_8376hl_firmware	-	Yes
Hardware	intel	xeon_platinum_8376hl	-	No
Operating System	intel	xeon_platinum_8380h_firmware	-	Yes
Hardware	intel	xeon_platinum_8380h	-	No
Operating System	intel	xeon_platinum_8380hl_firmware	-	Yes
Hardware	intel	xeon_platinum_8380hl	-	No
Operating System	netapp	aff_c190_firmware	-	Yes
Hardware	netapp	aff_c190	-	No
Operating System	netapp	aff_a200_firmware	-	Yes
Hardware	netapp	aff_a200	-	No
Operating System	netapp	aff_a220_firmware	-	Yes
Hardware	netapp	aff_a220	-	No
Operating System	netapp	aff_a250_firmware	-	Yes
Hardware	netapp	aff_a250	-	No
Operating System	netapp	aff_a300_firmware	-	Yes
Hardware	netapp	aff_a300	-	No
Operating System	netapp	aff_a320_firmware	-	Yes
Hardware	netapp	aff_a320	-	No
Operating System	netapp	aff_a400_firmware	-	Yes
Hardware	netapp	aff_a400	-	No
Operating System	netapp	aff_a700_firmware	-	Yes
Hardware	netapp	aff_a700	-	No
Operating System	netapp	aff_a700s_firmware	-	Yes
Hardware	netapp	aff_a700s	-	No
Operating System	netapp	aff_a800_firmware	-	Yes
Hardware	netapp	aff_a800	-	No
Operating System	netapp	aff_a900_firmware	-	Yes
Hardware	netapp	aff_a900	-	No
Operating System	netapp	fas500f_firmware	-	Yes
Hardware	netapp	fas500f	-	No
Operating System	netapp	fas2600_firmware	-	Yes
Hardware	netapp	fas2600	-	No
Operating System	netapp	fas2700_firmware	-	Yes
Hardware	netapp	fas2700	-	No
Operating System	netapp	fas8200_firmware	-	Yes
Hardware	netapp	fas8200	-	No
Operating System	netapp	fas8300_firmware	-	Yes
Hardware	netapp	fas8300	-	No
Operating System	netapp	fas8700_firmware	-	Yes
Hardware	netapp	fas8700	-	No
Operating System	netapp	fas9000_firmware	-	Yes
Hardware	netapp	fas9000	-	No
Operating System	netapp	fas9500_firmware	-	Yes
Hardware	netapp	fas9500	-	No

References

https://security.netapp.com/advisory/ntap-20220930-0004/ Third Party Advisory ([email protected])
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00686.html Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20220930-0004/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00686.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For intel's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.