7.2
CVE-2021-33158
- EPSS 0.04%
- Veröffentlicht 23.02.2024 21:15:09
- Zuletzt bearbeitet 09.01.2026 19:49:07
- Quelle secure@intel.com
- CVE-Watchlists
- Unerledigt
LoginImproper neutralization in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Ethernet Controller I225-it Firmware Version < 1.87
Intel ≫ Ethernet Controller I225-lm Firmware Version < 1.87
Intel ≫ Ethernet Controller I225-v Firmware Version < 1.87
Intel ≫ Ethernet Adapter Complete Driver Version < 29.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.124 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@intel.com | 7.2 | 0.8 | 5.8 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
|
CWE-86 Improper Neutralization of Invalid Characters in Identifiers in Web Pages
The product does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers.