CVE-2021-33107

CVE Database · CVE-2021-33107

CVE-2021-33107

· MEDIUMModified

CVSS v3.1

4.6

EPSS

0.25%

Published

Feb 9, 2022

Modified

May 5, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-522CWE-522

Affected Products (715)

intel · active_management_technology_software_development_kit (up to 16.0.3)vulnerable

intel · setup_and_configuration_software (up to 12.2)vulnerable

intel · management_engine_bios_extension (up to 15.0.0.0004)vulnerable

intel · b560

intel · h510

intel · h570

intel · q570