Intel Optane Ssd 900P Firmware vulnerabilities

CVE-2023-27519 [MEDIUM] CWE-20 CVE-2023-27519: Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileg Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2023-24588 [MEDIUM] CWE-200 CVE-2023-24588: Exposure of sensitive information to an unauthorized actor in firmware for some Intel(R) Optane(TM) Exposure of sensitive information to an unauthorized actor in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2023-24587 [MEDIUM] CWE-691 CVE-2023-24587: Insufficient control flow management in firmware for some Intel(R) Optane(TM) SSD products may allow Insufficient control flow management in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable denial of service via local access.

CVE-2023-27306 [MEDIUM] CWE-665 CVE-2023-27306: Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an authentic Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an authenticated user to potentially enable denial of service via local access.

CVE-2021-33078 [MEDIUM] CWE-362 CVE-2021-33078: Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Prod Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access.

CVE-2021-33083 [MEDIUM] CWE-287 CVE-2021-33083: Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane( Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow an privileged user to potentially enable information disclosure via local access.

CVE-2021-33075 [MEDIUM] CWE-362 CVE-2021-33075: Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access.

CVE-2021-33082 [MEDIUM] CWE-212 CVE-2021-33082: Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Int Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2021-33077 [MEDIUM] CVE-2021-33077: Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVE-2021-33069 [MEDIUM] CWE-404 CVE-2021-33069: Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) O Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access.

CVE-2021-33080 [MEDIUM] CWE-212 CVE-2021-33080: Exposure of sensitive system information due to uncleared debug information in firmware for some Int Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access.

CVE-2021-33074 [MEDIUM] CVE-2021-33074: Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane( Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2020-12311 [MEDIUM] CVE-2020-12311: Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2020-12309 [MEDIUM] CWE-522 CVE-2020-12309: Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2020-0584 [MEDIUM] CWE-120 CVE-2020-0584: Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 90 Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access.

CVE-2020-12310 [MEDIUM] CVE-2020-12310: Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.