CVE-2021-33077
Last modified
CVE-2021-33077 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.. EPSS estimates a 0.26% chance of exploitation in the next 30 days.
Description
Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intel | Optane Ssd Dc P4800x Firmware | < e2010600 |
| Intel | Optane Ssd Dc P4801x Firmware | < e2010600 |
| Intel | Optane Ssd P5800x Firmware | < l0310200 |
| Intel | Optane Memory H20 With Solid State Storage Firmware | < pgf028k |
| Intel | Optane Memory H10 With Solid State Storage Firmware | < tgf061k |
| Intel | Optane Ssd 905p Firmware | < fw600 |
| Intel | Optane Ssd 900p Firmware | < fw600 |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.htmlMitigation, Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.htmlMitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-33077?
How severe is CVE-2021-33077?
How do I fix CVE-2021-33077?
Are you affected by CVE-2021-33077?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST