Improper Input Validation in Intel Ethernet Adapters and Controllers
CVE-2021-33161

7.2HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Ethernet Adapters And Intel(r) Ethernet Controller I225 Manageability Firmware
Vendor: CVE Published:; 23 February 2024

What is CVE-2021-33161?

Certain Intel Ethernet Adapters and Intel Ethernet Controller I225 Manageability firmware contain a flaw related to improper input validation. This vulnerability may permit a privileged user to escalate their privileges through local access, posing a risk to system integrity and security. Addressing this issue is crucial to safeguarding against potential unauthorized access and exploitation.

Affected Version(s)

Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 23, 2024
Vulnerability Reserved
May 18, 2021