Protection Mechanism Failure in Intel SSD Products and Firmware
CVE-2021-33074

4.6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ssd, Intel(r) Ssd Dc And Intel(r) Optane(tm) Ssd Products
Vendor: CVE Published:; 12 May 2022

What is CVE-2021-33074?

A vulnerability exists in the firmware of various Intel SSD products, including Intel SSD, Intel SSD DC, and Intel Optane SSDs, leading to a failure in the protection mechanisms. This flaw may allow an unauthenticated user to potentially access sensitive information via direct physical access to the device. Organizations using these products should assess their physical security measures to mitigate potential risks.

Affected Version(s)

Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://www.solidigm.com/content/dam/newco-aem-site/maste...

x_refsource_MISC

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2022
Vulnerability Reserved
May 18, 2021