CVE-2021-0084

CVE Database · CVE-2021-0084

CVE-2021-0084

· HIGHModified

CVSS v3.1

7.8

EPSS

0.32%

Published

Aug 11, 2021

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Improper input validation in the Intel(R) Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-20

Affected Products (8)

intel · ethernet_controller_e810_firmware (up to 1.4.11)vulnerable

intel · ethernet_controller_e810

intel · x722da2_firmware (up to 1.3.19)vulnerable

intel · x722da2

intel · x722da4fh_firmware (up to 1.3.19)vulnerable

intel · x722da4fh

intel · x722da4g1p5_firmware (up to 1.3.19)vulnerable

intel · x722da4g1p5

References (4)

https://security.netapp.com/advisory/ntap-20210827-0008/

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html

Vendor Advisory

https://security.netapp.com/advisory/ntap-20210827-0008/

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs