Vulnerability Details CVE-2021-20487
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.7%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 6.5
References
Products affected by CVE-2021-20487
-
cpe:2.3:h:ibm:8335-gth:-
-
cpe:2.3:h:ibm:8335-gtx:-
-
cpe:2.3:h:ibm:9008-22l:-
-
cpe:2.3:h:ibm:9009-22a:-
-
cpe:2.3:h:ibm:9009-22g:-
-
cpe:2.3:h:ibm:9009-41a:-
-
cpe:2.3:h:ibm:9009-41g:-
-
cpe:2.3:h:ibm:9009-42a:-
-
cpe:2.3:h:ibm:9009-42g:-
-
cpe:2.3:h:ibm:9040-mr9:-
-
cpe:2.3:h:ibm:9080-m9s:-
-
cpe:2.3:h:ibm:9183-22x:-
-
cpe:2.3:h:ibm:9223-22h:-
-
cpe:2.3:h:ibm:9223-22s:-
-
cpe:2.3:h:ibm:9223-42h:-
-
cpe:2.3:h:ibm:9223-42s:-
-
cpe:2.3:o:ibm:power9_system_firmware:-
-
cpe:2.3:o:ibm:power9_system_firmware:fw930.00
-
cpe:2.3:o:ibm:power9_system_firmware:fw930.30
-
cpe:2.3:o:ibm:power9_system_firmware:fw940.00
-
cpe:2.3:o:ibm:power9_system_firmware:fw940.20
-
cpe:2.3:o:ibm:scale-out_lc_system_firmware:-