7.8
HIGH
CVE-2021-0106
Intel Optane DC Persistent Memory Default Permissions Privilege Escalation
Description

Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable escalation of privilege via local access.

INFO

Published Date :

June 9, 2021, 8:15 p.m.

Last Modified :

Nov. 21, 2024, 5:41 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

1.8
Affected Products

The following products are affected by CVE-2021-0106 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Intel xeon_silver_4214
2 Intel ipmctl
3 Intel xeon_bronze_3204
4 Intel xeon_bronze_3206r
5 Intel xeon_gold_5215
6 Intel xeon_gold_5215l
7 Intel xeon_gold_5217
8 Intel xeon_gold_5218
9 Intel xeon_gold_5218b
10 Intel xeon_gold_5218n
11 Intel xeon_gold_5218r
12 Intel xeon_gold_5218t
13 Intel xeon_gold_5219y
14 Intel xeon_gold_5220
15 Intel xeon_gold_5220r
16 Intel xeon_gold_5220s
17 Intel xeon_gold_5220t
18 Intel xeon_gold_5222
19 Intel xeon_gold_6208u
20 Intel xeon_gold_6209u
21 Intel xeon_gold_6210u
22 Intel xeon_gold_6212u
23 Intel xeon_gold_6222
24 Intel xeon_gold_6222v
25 Intel xeon_gold_6226
26 Intel xeon_gold_6226r
27 Intel xeon_gold_6230
28 Intel xeon_gold_6230n
29 Intel xeon_gold_6230r
30 Intel xeon_gold_6230t
31 Intel xeon_gold_6234
32 Intel xeon_gold_6238
33 Intel xeon_gold_6238l
34 Intel xeon_gold_6238r
35 Intel xeon_gold_6238t
36 Intel xeon_gold_6240
37 Intel xeon_gold_6240l
38 Intel xeon_gold_6240r
39 Intel xeon_gold_6240y
40 Intel xeon_gold_6242
41 Intel xeon_gold_6242r
42 Intel xeon_gold_6244
43 Intel xeon_gold_6246
44 Intel xeon_gold_6246r
45 Intel xeon_gold_6248
46 Intel xeon_gold_6248r
47 Intel xeon_gold_6250
48 Intel xeon_gold_6250l
49 Intel xeon_gold_6252
50 Intel xeon_gold_6252n
51 Intel xeon_gold_6254
52 Intel xeon_gold_6256
53 Intel xeon_gold_6258r
54 Intel xeon_gold_6262
55 Intel xeon_gold_6262v
56 Intel xeon_gold_6269y
57 Intel xeon_platinum_8253
58 Intel xeon_platinum_8256
59 Intel xeon_platinum_8260
60 Intel xeon_platinum_8260l
61 Intel xeon_platinum_8260y
62 Intel xeon_platinum_8268
63 Intel xeon_platinum_8270
64 Intel xeon_platinum_8274
65 Intel xeon_platinum_8276
66 Intel xeon_platinum_8276l
67 Intel xeon_platinum_8280
68 Intel xeon_platinum_8280l
69 Intel xeon_platinum_8284
70 Intel xeon_platinum_9221
71 Intel xeon_platinum_9222
72 Intel xeon_platinum_9242
73 Intel xeon_platinum_9282
74 Intel xeon_silver_4208
75 Intel xeon_silver_4209t
76 Intel xeon_silver_4210
77 Intel xeon_silver_4210r
78 Intel xeon_silver_4210t
79 Intel xeon_silver_4214r
80 Intel xeon_silver_4214y
81 Intel xeon_silver_4215
82 Intel xeon_silver_4215r
83 Intel xeon_silver_4216
84 Intel xeon_gold_5315y
85 Intel xeon_gold_5317
86 Intel xeon_gold_5318h
87 Intel xeon_gold_5318n
88 Intel xeon_gold_5318s
89 Intel xeon_gold_5318y
90 Intel xeon_gold_5320
91 Intel xeon_gold_5320h
92 Intel xeon_gold_5320t
93 Intel xeon_gold_6312u
94 Intel xeon_gold_6314u
95 Intel xeon_gold_6326
96 Intel xeon_gold_6328h
97 Intel xeon_gold_6328hl
98 Intel xeon_gold_6330
99 Intel xeon_gold_6330h
100 Intel xeon_gold_6330n
101 Intel xeon_gold_6334
102 Intel xeon_gold_6336y
103 Intel xeon_gold_6338
104 Intel xeon_gold_6338n
105 Intel xeon_gold_6338t
106 Intel xeon_gold_6342
107 Intel xeon_gold_6346
108 Intel xeon_gold_6348
109 Intel xeon_gold_6348h
110 Intel xeon_gold_6354
111 Intel xeon_platinum_8351n
112 Intel xeon_platinum_8352m
113 Intel xeon_platinum_8352s
114 Intel xeon_platinum_8352v
115 Intel xeon_platinum_8352y
116 Intel xeon_platinum_8353h
117 Intel xeon_platinum_8354h
118 Intel xeon_platinum_8356h
119 Intel xeon_platinum_8358
120 Intel xeon_platinum_8358p
121 Intel xeon_platinum_8360h
122 Intel xeon_platinum_8360hl
123 Intel xeon_platinum_8360y
124 Intel xeon_platinum_8362
125 Intel xeon_platinum_8368
126 Intel xeon_platinum_8368q
127 Intel xeon_platinum_8376h
128 Intel xeon_platinum_8376hl
129 Intel xeon_platinum_8380
130 Intel xeon_platinum_8380h
131 Intel xeon_platinum_8380hl
132 Intel xeon_silver_4309y
133 Intel xeon_silver_4310
134 Intel xeon_silver_4310t
135 Intel xeon_silver_4314
136 Intel xeon_silver_4316
137 Intel xeon_platinum_8321hc
: Total Affected Vendor : 1 | Products : 137
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2021-0106.

URL Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2021-0106 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2021-0106 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    Jun. 30, 2021

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:L/AC:L/Au:N/C:P/I:P/A:P)
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html No Types Assigned https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html Vendor Advisory
    Added CWE NIST CWE-276
    Added CPE Configuration AND OR *cpe:2.3:a:intel:ipmctl:*:*:*:*:*:windows:*:* versions up to (excluding) 2.00.00.3842 OR cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5320h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5320t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6312u:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6314u:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6326:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6328h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6328hl:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6330:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6330h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6330n:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6334:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6336y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6338:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6338n:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6338t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6342:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6346:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6348:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6348h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6354:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8321hc:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8351n:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8352m:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8352s:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8352v:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8352y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8353h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8354h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8356h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8358:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8358p:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8360h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8360hl:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8360y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8362:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8368:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8368q:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8376h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8376hl:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8380:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8380h:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8380hl:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4309y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4310:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4310t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4314:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4316:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:a:intel:ipmctl:*:*:*:*:*:windows:*:* versions up to (excluding) 1.00.00.3515 OR cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5219y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6222:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6238r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6262:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_gold_6269y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2021-0106 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2021-0106 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.04 }} 0.00%

score

0.10264

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: