Privilege Escalation Vulnerability in Intel Ethernet Products
CVE-2021-33158
7.2HIGH
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 23 February 2024
Summary
An issue has been identified in specific Intel Ethernet Adapters and the Intel Ethernet Controller I225, where improper neutralization in the firmware can be exploited by a privileged user. This vulnerability could allow an attacker with local access to the system to escalate their privileges, potentially leading to unauthorized actions or access within the system. System administrators and users employing affected hardware should ensure they are aware of this issue and consider the necessary configurations and updates provided by Intel to mitigate potential risks.
Affected Version(s)
Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware See references
References
CVSS V3.1
Score:
7.2
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved