CVE-2021-0013 — Improper Input Validation in Intel Endpoint Management Assistant

CWE-20 — Improper Input Validation4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.3%

top 47.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Endpoint Management Assistant

Timeline

PublishedNov 17

Latest updateMay 24

Description

Improper input validation for Intel(R) EMA before version 1.5.0 may allow an unauthenticated user to potentially enable denial of service via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDintel/endpoint_management_assistant< 1.5.0

🔴Vulnerability Details

GHSA

GHSA-v6rx-jchx-4xgh: Improper input validation for Intel(R) EMA before version 1↗2022-05-24

▶

CVEList

CVE-2021-0013: Improper input validation for Intel(R) EMA before version 1↗2021-11-17

▶

📋Vendor Advisories

VMware

VMware Tools, VMRC and VMware App Volumes update addresses a local privilege escalation vulnerability (CVE-2021-21999)↗2021-06-22

▶