CVE-2021-33126
Last modified
CVE-2021-33126 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.. EPSS estimates a 0.19% chance of exploitation in the next 30 days.
Description
Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intel | Ethernet Controller Xxv710 Firmware | < 8.5 |
| Intel | Ethernet Controller Xl710 Firmware | < 8.5 |
| Intel | Ethernet Controller V710 Firmware | < 8.5 |
| Intel | Ethernet Controller X710 Firmware | < 8.5 |
| Intel | Ethernet Network Adapter X722da2 Firmware | < 1.5.5 |
| Intel | Ethernet Network Adapter X722da4fh Firmware | < 1.5.5 |
| Intel | Ethernet Network Adapter X722da4g1p5 Firmware | < 1.5.5 |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.htmlPatch, Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.htmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-33126?
How severe is CVE-2021-33126?
How do I fix CVE-2021-33126?
Are you affected by CVE-2021-33126?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST