CVE-2021-20487

Summary

IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.

Affected Software

VendorProductVersion RangeStatus
IBMPower 9 SystemsFW930affected
IBMPower 9 SystemsFW940affected
IBMPower 9 SystemsFW941affected
IBMPower 9 SystemsOP940affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References