CVE-2021-33082 — MEDIUM (4.6)

Q: How severe is CVE-2021-33082?

CVE-2021-33082 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-33082?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Optane Ssd Dc P4800X Firmware, Intel Optane Ssd Dc P4800X, Intel Optane Ssd Dc P4801X Firmware, Intel Optane Ssd Dc P4801X, Intel Optane Ssd P5800X Firmware.

Vulnerability Description

Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Intel	Optane Ssd Dc P4800X Firmware	< e2010600
Intel	Optane Ssd Dc P4800X	-
Intel	Optane Ssd Dc P4801X Firmware	< e2010600
Intel	Optane Ssd Dc P4801X	-
Intel	Optane Ssd P5800X Firmware	< l0310200
Intel	Optane Ssd P5800X	-
Intel	Optane Memory H20 With Solid State Storage Firmware	< pgf028k
Intel	Optane Memory H20 With Solid State Storage	-
Intel	Optane Memory H10 With Solid State Storage Firmware	< tgf061k
Intel	Optane Memory H10 With Solid State Storage	-
Intel	Optane Ssd 905P Firmware	< fw600
Intel	Optane Ssd 905P	-
Intel	Optane Ssd 900P Firmware	< fw600
Intel	Optane Ssd 900P	-

Related Weaknesses (CWE)

CWE-212

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.MitigationVendor Advisory
https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/SolidigmBroken Link
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.MitigationVendor Advisory
https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/SolidigmBroken Link

FAQ

What is CVE-2021-33082?

CVE-2021-33082 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information di...

How severe is CVE-2021-33082?

CVE-2021-33082 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-33082?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Optane Ssd Dc P4800X Firmware, Intel Optane Ssd Dc P4800X, Intel Optane Ssd Dc P4801X Firmware, Intel Optane Ssd Dc P4801X, Intel Optane Ssd P5800X Firmware.