CVE-2021-33107
4.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx | before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 | affected |
Weaknesses
- information disclosure
ADP Enrichment
CVE Program Container
Additional References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00575.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00575.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.