Vulnerabilities > Netapp > HCI Storage Node Bios
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2021-0060 | Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04.04.033.0, SPS_E5_04.04.03.281.0, SPS_E5_03.01.03.116.0, SPS_E3_05.01.04.309.0, SPS_02.04.00.101.0, SPS_SoC-A_05.00.03.114.0, SPS_SoC-X_04.00.04.326.0, SPS_SoC-X_03.00.03.117.0, IGN_E5_91.00.00.167.0, SPS_PHI_03.01.03.078.0 may allow an authenticated user to potentially enable escalation of privilege via physical access. | 7.2 |
| 2021-06-09 | CVE-2020-12357 | Improper Initialization vulnerability in multiple products Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |
| 2021-06-09 | CVE-2020-12358 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 2.1 |
| 2021-06-09 | CVE-2020-12359 | Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 4.6 |
| 2021-06-09 | CVE-2020-12360 | Out-of-bounds Read vulnerability in multiple products Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2021-06-09 | CVE-2020-24486 | Improper Input Validation vulnerability in multiple products Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | 2.1 |
| 2021-06-09 | CVE-2020-8670 | Race Condition vulnerability in multiple products Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 4.4 |
| 2021-06-09 | CVE-2020-8700 | Improper Input Validation vulnerability in multiple products Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-11-12 | CVE-2020-8764 | Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-11-12 | CVE-2020-8740 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |