Improper Access Control in Intel In-Band Manageability Software
CVE-2021-0194

7.2HIGH

Key Information:

Vendor: Intel
Status: Intel(r) In-band Manageability Software
Vendor: CVE Published:; 12 May 2022

What is CVE-2021-0194?

The Intel In-Band Manageability software prior to version 2.13.0 has an improper access control vulnerability that could allow a privileged user to exploit network access. This flaw may enable the escalation of privileges, potentially compromising system integrity and security. Organizations utilizing affected versions are strongly advised to update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Intel(R) In-Band Manageability software before version 2.13.0

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2022
Vulnerability Reserved
Oct 22, 2020