Sensitive Information Disclosure in Intel SSD Products
CVE-2021-33082

4.6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ssd And Intel(r) Optane(tm) Ssd Products
Vendor: CVE Published:; 12 May 2022

What is CVE-2021-33082?

Certain firmware variations for Intel SSD and Intel Optane SSD products have a vulnerability that permits sensitive information from previously used resources to remain accessible. This may potentially enable unauthorized individuals with physical access to the device to retrieve confidential data. Proper management of information lifecycle is crucial to mitigate such risks.

Affected Version(s)

Intel(R) SSD and Intel(R) Optane(TM) SSD Products See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://www.solidigm.com/content/dam/newco-aem-site/maste...

x_refsource_MISC

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2022
Vulnerability Reserved
May 18, 2021