Out-of-Bounds Read Vulnerability in Intel Ethernet Adapters
CVE-2021-0009

6.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ethernet Adapters 800 Series Controllers And Associated Adapters
Vendor: CVE Published:; 11 August 2021

Summary

An out-of-bounds read vulnerability exists in the firmware of Intel Ethernet Adapters 800 Series Controllers, allowing unauthenticated users with adjacent access to potentially execute a denial of service attack. Affected systems running versions prior to 1.5.3.0 are particularly at risk, emphasizing the need for timely updates to enhance security measures and protect against unauthorized exploits.

Affected Version(s)

Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210827-0009/

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 11, 2021
Vulnerability Reserved
Oct 22, 2020