PT-2022-4224 · Intel · Intel Ethernet 700 Series Controllers+2

Dmitry Shvarts

Published

2022-08-09

Updated

2022-08-26

CVE-2021-33126

CVSS v2.0

5.2

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions Intel(R) 700 and 722 Series Ethernet Controllers and Adapters versions prior to 8.5 and 1.5.5

Description The issue is related to improper access control in the firmware of the affected devices, which may allow a privileged user to enable denial of service via local access. This could potentially be exploited to cause service disruptions.

Recommendations For versions prior to 8.5 and 1.5.5, update to version 8.5 or 1.5.5 or later to resolve the issue. As a temporary workaround, consider restricting local access to the devices to minimize the risk of exploitation.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2022-05072

CVE-2021-33126

Affected Products

Intel Ethernet 700 Series Controllers

Intel 700/722 Series Ethernet Adapters

Intel 722 Series Ethernet Controllers

PT-2022-4224 · Intel · Intel Ethernet 700 Series Controllers+2

CVE-2021-33126

Weakness Enumeration

Related Identifiers

Affected Products

References · 6