Improper Authentication in Intel SSDs and Optane Products
CVE-2021-33083

4.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ssd, Intel(r) Optane(tm) Ssd, Intel(r) Optane(tm) Ssd Dc And Intel(r) Ssd Dc Products
Vendor: CVE Published:; 12 May 2022

What is CVE-2021-33083?

A vulnerability present in the firmware of several Intel SSD and Optane SSD products allows a privileged user with local access to potentially enable information disclosure. This situation arises due to improper authentication mechanisms within the affected products, which may expose sensitive data to unauthorized access. Users are strongly advised to review their firmware versions and apply necessary updates to mitigate potential risks.

Affected Version(s)

Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://www.solidigm.com/content/dam/newco-aem-site/maste...

x_refsource_MISC

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2022
Vulnerability Reserved
May 18, 2021