Improper Access Control in Intel Ethernet Adapters and Controllers
CVE-2021-33162

8.4HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Ethernet Adapters And Intel(r) Ethernet Controller I225 Manageability Firmware
Vendor: CVE Published:; 23 February 2024

What is CVE-2021-33162?

The vulnerability in Intel Ethernet Adapters and the Intel Ethernet Controller I225 Manageability firmware stems from improper access control mechanisms. This flaw may permit an authenticated user to escalate privileges through local access, enabling unauthorized actions within the system. Addressing this vulnerability is crucial for maintaining the security integrity of the affected devices.

Affected Version(s)

Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 23, 2024
Vulnerability Reserved
May 18, 2021