Vulnerability Description
Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Optane Ssd Dc P4800X Firmware | < e2010600 |
| Intel | Optane Ssd Dc P4800X | - |
| Intel | Optane Ssd Dc P4801X Firmware | < e2010600 |
| Intel | Optane Ssd Dc P4801X | - |
| Intel | Optane Ssd P5800X Firmware | < l0310200 |
| Intel | Optane Ssd P5800X | - |
| Intel | Optane Memory H20 With Solid State Storage Firmware | < pgf028k |
| Intel | Optane Memory H20 With Solid State Storage | - |
| Intel | Optane Memory H10 With Solid State Storage Firmware | < tgf061k |
| Intel | Optane Memory H10 With Solid State Storage | - |
| Intel | Optane Ssd 905P Firmware | < fw600 |
| Intel | Optane Ssd 905P | - |
| Intel | Optane Ssd 900P Firmware | < fw600 |
| Intel | Optane Ssd 900P | - |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.MitigationVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.MitigationVendor Advisory
FAQ
What is CVE-2021-33077?
CVE-2021-33077 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privi...
How severe is CVE-2021-33077?
CVE-2021-33077 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-33077?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Optane Ssd Dc P4800X Firmware, Intel Optane Ssd Dc P4800X, Intel Optane Ssd Dc P4801X Firmware, Intel Optane Ssd Dc P4801X, Intel Optane Ssd P5800X Firmware.