Improper Authentication in Intel SSDs and Optane Products
CVE-2021-33083
4.4MEDIUM
Key Information:
- Vendor
- Intel
- Status
- Vendor
- CVE Published:
- 12 May 2022
Summary
A vulnerability present in the firmware of several Intel SSD and Optane SSD products allows a privileged user with local access to potentially enable information disclosure. This situation arises due to improper authentication mechanisms within the affected products, which may expose sensitive data to unauthorized access. Users are strongly advised to review their firmware versions and apply necessary updates to mitigate potential risks.
Affected Version(s)
Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products See references
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved