CVE-2021-33141

CWE-20 — Improper Input Validation2 documents2 sources

Severity

8.6HIGH

EPSS

0.1%

top 67.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Ethernet Adapter Complete Driver Intel Ethernet Controller I225-it Firmware Intel Ethernet Controller I225-lm Firmware +1 more

Timeline

PublishedFeb 23

Latest updateMay 16

Description

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable denial of service via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages5 packages

▶CVEListV5intel(r)_ethernet_adapters_and_intel(r)_ethernet_controller_i225_manageability_firmwareSee references

▶NVDintel/ethernet_controller_i225-v_firmware< 1.87

▶NVDintel/ethernet_controller_i225-it_firmware< 1.87

▶NVDintel/ethernet_controller_i225-lm_firmware< 1.87

▶NVDintel/ethernet_adapter_complete_driver< 29.0.1

🔴Vulnerability Details

CVEList

CVE-2021-33141: Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated↗2024-05-16

▶