CVE-2021-33068

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.5%

top 36.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Active Management Technology Firmware

Timeline

PublishedFeb 9

Latest updateFeb 11

Description

Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDintel/active_management_technology_firmware< 15.0.35

▶CVEListV5intel(r)_amtbefore versions 15.0.35

🔴Vulnerability Details

GHSA

GHSA-95jg-586g-68w9: Null pointer dereference in subsystem for Intel(R) AMT before versions 15↗2022-02-11

▶

CVEList

CVE-2021-33068: Null pointer dereference in subsystem for Intel(R) AMT before versions 15↗2022-02-09

▶