What is CVE-2021-33077?

CVE-2021-33077 is a vulnerability in the firmware of some Intel SSD products that may allow an unauthenticated user to enable escalation of privilege via physical access.

Which Intel SSD products are affected by CVE-2021-33077?

The Intel SSD products affected by CVE-2021-33077 include Intel Optane SSD DC P4800x, Intel Optane SSD DC P4801x, Intel Optane SSD P5800x, Intel Optane Memory H20 With Solid State Storage, Intel Optane Memory H10 With Solid State Storage, Intel Optane SSD 905p, and Intel Optane SSD 900p.

How severe is CVE-2021-33077?

The severity of CVE-2021-33077 is medium with a CVSS score of 6.8.

How can an unauthenticated user exploit CVE-2021-33077?

An unauthenticated user can potentially exploit CVE-2021-33077 by gaining physical access to the affected Intel SSD products.

Is there a fix available for CVE-2021-33077?

Intel has provided firmware updates to address the vulnerability CVE-2021-33077. Please refer to the Intel Security Advisory for more information.

Vulnerability/
CVE-2021-33077

medium

6.8

12/5/2022

12/7/2022

CVE-2021-33077

First published: Thu May 12 2022(Updated: )

Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
Intel Optane Ssd Dc P4800x Firmware	<e2010600
Intel Optane Ssd Dc P4800x
Intel Optane Ssd Dc P4801x Firmware	<e2010600
Intel Optane Ssd Dc P4801x
Intel Optane Ssd P5800x Firmware	<l0310200
Intel Optane Ssd P5800x
Intel Optane Memory H20 With Solid State Storage Firmware	<pgf028k
Intel Optane Memory H20 With Solid State Storage
Intel Optane Memory H10 With Solid State Storage Firmware	<tgf061k
Intel Optane Memory H10 With Solid State Storage
Intel Optane Ssd 905p Firmware	<fw600
Intel Optane Ssd 905p
Intel Optane Ssd 900p Firmware	<fw600
Intel Optane Ssd 900p

Never miss a vulnerability like this again

Reference Links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html

Frequently Asked Questions

What is CVE-2021-33077?
CVE-2021-33077 is a vulnerability in the firmware of some Intel SSD products that may allow an unauthenticated user to enable escalation of privilege via physical access.
Which Intel SSD products are affected by CVE-2021-33077?
The Intel SSD products affected by CVE-2021-33077 include Intel Optane SSD DC P4800x, Intel Optane SSD DC P4801x, Intel Optane SSD P5800x, Intel Optane Memory H20 With Solid State Storage, Intel Optane Memory H10 With Solid State Storage, Intel Optane SSD 905p, and Intel Optane SSD 900p.
How severe is CVE-2021-33077?
The severity of CVE-2021-33077 is medium with a CVSS score of 6.8.
How can an unauthenticated user exploit CVE-2021-33077?
An unauthenticated user can potentially exploit CVE-2021-33077 by gaining physical access to the affected Intel SSD products.
Is there a fix available for CVE-2021-33077?
Intel has provided firmware updates to address the vulnerability CVE-2021-33077. Please refer to the Intel Security Advisory for more information.

collector/nvd-index
agent/author
agent/references
agent/severity
agent/description
agent/tags
agent/type
agent/event
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
vendor/intel
canonical/intel optane ssd dc p4800x firmware
canonical/intel optane ssd dc p4800x
canonical/intel optane ssd dc p4801x firmware
canonical/intel optane ssd dc p4801x
canonical/intel optane ssd p5800x firmware
canonical/intel optane ssd p5800x
canonical/intel optane memory h20 with solid state storage firmware
canonical/intel optane memory h20 with solid state storage
canonical/intel optane memory h10 with solid state storage firmware
canonical/intel optane memory h10 with solid state storage
canonical/intel optane ssd 905p firmware
canonical/intel optane ssd 905p
canonical/intel optane ssd 900p firmware
canonical/intel optane ssd 900p