PT-2022-3029 · Intel · Intel In-Band Manageability

Published

2022-05-10

Updated

2022-05-23

CVE-2021-33108

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Intel In-Band Manageability software versions prior to 2.13.0

Description The issue is related to improper input validation in the Intel In-Band Manageability software, which may allow a privileged user to potentially enable escalation of privilege via local access. This could be exploited by an attacker to elevate their privileges and potentially execute arbitrary code using a specially crafted application.

Recommendations For versions prior to 2.13.0, update to version 2.13.0 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2022-03695

CVE-2021-33108

Affected Products

Intel In-Band Manageability

PT-2022-3029 · Intel · Intel In-Band Manageability

CVE-2021-33108

Weakness Enumeration

Related Identifiers

Affected Products

References · 4