← back
CVE-2021-20487

CVE-2021-20487

CVSS 8 HIGHEPSS 0.7%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
26 May 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.
CVSS:3.0/AV:N/UI:N/I:H/AC:H/PR:H/S:C/A:H/C:H/E:U/RL:O/RC:C
Affected products
IBM · Power 9 Systems