Strix
26.1K

CVE-2021-33150

MEDIUMCVSS 6.8/10EPSS 0.34%

Last modified

CVE-2021-33150 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.

Description

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Metrics

CVSS 3.1
6.8/10

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.34%

25.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
IntelAtom C2308All versions
IntelAtom C2316All versions
IntelAtom C2338All versions
IntelAtom C2350All versions
IntelAtom C2358All versions
IntelAtom C2508All versions
IntelAtom C2516All versions
IntelAtom C2518All versions
IntelAtom C2530All versions
IntelAtom C2538All versions
IntelAtom C2550All versions
IntelAtom C2558All versions
IntelAtom C2718All versions
IntelAtom C2730All versions
IntelAtom C2738All versions
IntelAtom C2750All versions
IntelAtom C2758All versions
IntelAtom C3308All versions
IntelAtom C3336All versions
IntelAtom C3338All versions
IntelAtom C3338rAll versions
IntelAtom C3436lAll versions
IntelAtom C3508All versions
IntelAtom C3538All versions
IntelAtom C3558All versions
IntelAtom C3558rAll versions
IntelAtom C3708All versions
IntelAtom C3750All versions
IntelAtom C3758All versions
IntelAtom C3758rAll versions
IntelAtom C3808All versions
IntelAtom C3830All versions
IntelAtom C3850All versions
IntelAtom C3858All versions
IntelAtom C3950All versions
IntelAtom C3955All versions
IntelAtom C3958All versions
IntelAtom X5-E3930All versions
IntelAtom X5-E3940All versions
IntelAtom X7-E3950All versions
IntelB150All versions
IntelB250All versions
IntelB360All versions
IntelB365All versions
IntelC232All versions
IntelC236All versions
IntelC242All versions
IntelC246All versions
IntelC621All versions
IntelC621aAll versions

Showing 50 of 419 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-33150?
Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
How severe is CVE-2021-33150?
CVE-2021-33150 has a CVSS score of 6.8/10 (MEDIUM severity). The EPSS model estimates a 0.34% probability of exploitation in the next 30 days.
How do I fix CVE-2021-33150?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-33150?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST