CVE-2021-33107

Name of the Vulnerable Software and Affected Versions Intel(R) AMT SDK versions prior to 16.0.3 Intel(R) SCS versions prior to 12.2 Intel(R) MEBx versions prior to 11.0.0.0012, 12.0.0.0011, 14.0.0.0004, and 15.0.0.0004

Description The issue is related to insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK, Intel(R) SCS, and Intel(R) MEBx. This may allow an unauthenticated user to potentially enable information disclosure via physical access.

Recommendations For Intel(R) AMT SDK versions prior to 16.0.3, update to version 16.0.3 or later. For Intel(R) SCS versions prior to 12.2, update to version 12.2 or later. For Intel(R) MEBx versions prior to 11.0.0.0012, 12.0.0.0011, 14.0.0.0004, and 15.0.0.0004, update to a version that includes the necessary security fixes. As a temporary workaround, consider restricting physical access to the affected systems until a patch is available.