CVE-2021-20487

Published May 26, 2021

Last updated 3 years ago

Overview

Description: IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.
Source: psirt@us.ibm.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.1
Impact score: 6
Exploitability score: 2.3
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

CVSS 3.0

Type: Secondary
Base score: 8
Impact score: 6
Exploitability score: 1.3
Vector string: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-347

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:power9_system_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCEDA6C8-69E8-455C-AC29-5424603CD45B",
            "versionEndExcluding": "fw930.30",
            "versionStartIncluding": "fw930.00"
          },
          {
            "criteria": "cpe:2.3:o:ibm:power9_system_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A672A461-81E2-4B42-BF2A-6AEE3FEA0568",
            "versionEndExcluding": "fw940.20",
            "versionStartIncluding": "fw940.00"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ibm:9008-22l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E18BF499-CBDC-4608-A613-ECD3DB1E3338"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9009-22a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57588DE0-FC4C-4E38-A51D-2878764D98B7"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9009-41a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4190878F-C66E-4AFA-8BEE-1577EF02AB90"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9009-42a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3880DCD3-E0E8-48BB-A3BE-7E97574B3CFB"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9040-mr9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4893C7F3-0CC9-48BF-805D-45E4F7288244"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9080-m9s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1A10ED3B-CB3F-426A-81C9-710683927B2A"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9223-22h:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B7194BCD-0DA3-4CDA-A133-A11A6F4C6020"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9223-42h:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB13C466-5751-4C96-8E37-AEC0F61DECF9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:power9_system_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F35A54AD-5DED-4D55-BA5E-42B752B9E6FF",
            "versionEndExcluding": "fw950.00"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ibm:9009-22g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BFB756EE-B71D-4E5F-B84B-E5A1C8FBCC05"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9009-41g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "33DA8E99-1693-42EB-B31E-1907C4789EDE"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9009-42g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "037C5223-B23E-4E97-A521-97EF71FE5A48"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9223-22s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "46ECB3A0-0AEB-4B81-8F8A-3CFDFA18B6FB"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9223-42s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "509B153F-215A-48E7-B643-50E6846F6F16"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:scale-out_lc_system_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7F76191-BD6D-43D5-94A4-3C9E1DBA231D",
            "versionEndExcluding": "op940.20"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ibm:8335-gth:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3113AD78-CB3E-4288-A83B-2FBC7F96F7C2"
          },
          {
            "criteria": "cpe:2.3:h:ibm:8335-gtx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C70F690D-3385-43F5-ABF0-CB5CA05B65BF"
          },
          {
            "criteria": "cpe:2.3:h:ibm:9183-22x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "80232C68-A3A4-4236-8478-0A9EA97C349E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References