8.4
CVE-2021-33162
- EPSS 0.06%
- Veröffentlicht 23.02.2024 21:15:09
- Zuletzt bearbeitet 09.01.2026 19:36:50
- Quelle secure@intel.com
- CVE-Watchlists
- Unerledigt
LoginImproper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Ethernet Controller I225-it Firmware Version < 1.87
Intel ≫ Ethernet Controller I225-lm Firmware Version < 1.87
Intel ≫ Ethernet Controller I225-v Firmware Version < 1.87
Intel ≫ Ethernet Adapter Complete Driver Version < 29.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.19 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@intel.com | 8.4 | 2 | 5.8 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.