Improper Input Validation in Intel Ethernet Adapters and Controllers
CVE-2021-33142

6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ethernet Adapters And Intel(r) Ethernet Controller I225 Manageability Firmware
Vendor: CVE Published:; 23 February 2024

Summary

A vulnerability exists in certain Intel Ethernet Adapters and Intel Ethernet Controller I225 due to improper input validation in the firmware. This issue may allow a privileged user with local access to exploit the vulnerability, potentially enabling a denial of service condition. Users and administrators of affected products are advised to implement appropriate mitigations and ensure their firmware is updated to the latest secure version to mitigate potential risks.

Affected Version(s)

Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 23, 2024
Vulnerability Reserved
May 18, 2021