Vulnerability Description
Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Ethernet Controller I225-It Firmware | < 1.87 |
| Intel | Ethernet Controller I225-It | - |
| Intel | Ethernet Controller I225-Lm Firmware | < 1.87 |
| Intel | Ethernet Controller I225-Lm | - |
| Intel | Ethernet Controller I225-V Firmware | < 1.87 |
| Intel | Ethernet Controller I225-V | - |
| Intel | Ethernet Adapter Complete Driver | < 29.0.1 |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00756.Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00756.Vendor Advisory
FAQ
What is CVE-2021-33162?
CVE-2021-33162 is a vulnerability with a CVSS score of 8.4 (HIGH). Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege vi...
How severe is CVE-2021-33162?
CVE-2021-33162 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-33162?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Ethernet Controller I225-It Firmware, Intel Ethernet Controller I225-It, Intel Ethernet Controller I225-Lm Firmware, Intel Ethernet Controller I225-Lm, Intel Ethernet Controller I225-V Firmware.