CVE-2021-33077

CVE Database · CVE-2021-33077

CVE-2021-33077

· MEDIUMModified

CVSS v3.1

6.8

EPSS

0.26%

Published

May 12, 2022

Modified

May 5, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (14)

intel · optane_ssd_dc_p4800x_firmware (up to e2010600)vulnerable

intel · optane_ssd_dc_p4800x

intel · optane_ssd_dc_p4801x_firmware (up to e2010600)vulnerable

intel · optane_ssd_dc_p4801x

intel · optane_ssd_p5800x_firmware (up to l0310200)vulnerable

intel · optane_ssd_p5800x

intel · optane_memory_h20_with_solid_state_storage_firmware (up to pgf028k)vulnerable

intel · optane_memory_h20_with_solid_state_storage

intel · optane_memory_h10_with_solid_state_storage_firmware (up to tgf061k)vulnerable

intel · optane_memory_h10_with_solid_state_storage

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html

MitigationVendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html

MitigationVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs