CVE-2021-33080 — MEDIUM (6.8)

Q: How severe is CVE-2021-33080?

CVE-2021-33080 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-33080?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Optane Ssd Dc P4800X Firmware, Intel Optane Ssd Dc P4800X, Intel Optane Ssd Dc P4801X Firmware, Intel Optane Ssd Dc P4801X, Intel Optane Ssd P5800X Firmware.

Vulnerability Description

Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Intel	Optane Ssd Dc P4800X Firmware	< e2010600
Intel	Optane Ssd Dc P4800X	-
Intel	Optane Ssd Dc P4801X Firmware	< e2010600
Intel	Optane Ssd Dc P4801X	-
Intel	Optane Ssd P5800X Firmware	< l0310200
Intel	Optane Ssd P5800X	-
Intel	Optane Memory H20 With Solid State Storage Firmware	< pgf028k
Intel	Optane Memory H20 With Solid State Storage	-
Intel	Optane Memory H10 With Solid State Storage Firmware	< tgf061k
Intel	Optane Memory H10 With Solid State Storage	-
Intel	Optane Ssd 905P Firmware	< fw600
Intel	Optane Ssd 905P	-
Intel	Optane Ssd 900P Firmware	< fw600
Intel	Optane Ssd 900P	-

Related Weaknesses (CWE)

CWE-212

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.MitigationVendor Advisory
https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/SolidigmBroken Link
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.MitigationVendor Advisory
https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/SolidigmBroken Link

FAQ

What is CVE-2021-33080?

CVE-2021-33080 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthent...

How severe is CVE-2021-33080?

CVE-2021-33080 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-33080?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Optane Ssd Dc P4800X Firmware, Intel Optane Ssd Dc P4800X, Intel Optane Ssd Dc P4801X Firmware, Intel Optane Ssd Dc P4801X, Intel Optane Ssd P5800X Firmware.