CVE: CVE-2021-33080

Export to Word

Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access.

Threat-Mapped Scoring

Score: 2.3

Priority: P3 - Important (Medium)

S6 – Espionage of Financial Trades

EPSS

Score: 0.00122
Percentile: 0.32172

CVSS Scoring

CVSS v3.1 Score: 6.8

Severity: MEDIUM

Mapped CWE(s)

CWE-212 : Improper Removal of Sensitive Information Before Storage or Transfer

All CAPEC(s)

CAPEC-168: Windows ::DATA Alternate Data Stream

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products

cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*

← Back to Home