Vulnerabilities > CVE-2021-0200 - Out-of-bounds Write vulnerability in Intel products

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

intel

CWE-787

NVD

Published: 2021-11-17

Updated: 2021-12-14

Summary

Out-of-bounds write in the firmware for Intel(R) Ethernet 700 Series Controllers before version 8.2 may allow a privileged user to potentially enable an escalation of privilege via local access.

Vulnerable Configurations

Part	Description	Count
OS	Intel Intel Ethernet Controller V710 AT2 Firmware - Intel Ethernet Controller X710 TM4 Firmware - Intel Ethernet Controller X710 TM4 Firmware 1.33.0.0 Intel Ethernet Controller X710 TM4 Firmware 2.8.43 Intel Ethernet Controller X710 TM4 Firmware 7.0 Intel Ethernet Controller X710 AT2 Firmware - Intel Ethernet Controller X710 AT2 Firmware 1.33.0.0 Intel Ethernet Controller X710 AT2 Firmware 2.8.43 Intel Ethernet Controller X710 AT2 Firmware 7.0 Intel Ethernet Controller Xxv710 AM2 Firmware - Intel Ethernet Controller Xxv710 AM2 Firmware 1.33.0.0 Intel Ethernet Controller Xxv710 AM2 Firmware 2.8.43 Intel Ethernet Controller Xxv710 AM2 Firmware 7.0 Intel Ethernet Controller Xxv710 AM1 Firmware - Intel Ethernet Controller Xxv710 AM1 Firmware 1.33.0.0 Intel Ethernet Controller Xxv710 AM1 Firmware 2.8.43 Intel Ethernet Controller Xxv710 AM1 Firmware 7.0 Intel Ethernet Controller X710 AM2 Firmware - Intel Ethernet Controller Xl710 AM1 Firmware - Intel Ethernet Controller Xl710 AM2 Firmware - Intel Ethernet Controller X710 BM2 Firmware - Intel Ethernet Controller X710 BM2 Firmware 1.33.0.0 Intel Ethernet Controller X710 BM2 Firmware 2.8.43 Intel Ethernet Controller X710 BM2 Firmware 7.0 Intel Ethernet Controller Xl710 BM2 Firmware - Intel Ethernet Controller Xl710 BM1 Firmware -	26
Hardware	Intel Intel Ethernet Controller V710 AT2 - Intel Ethernet Controller X710 TM4 - Intel Ethernet Controller X710 AT2 - Intel Ethernet Controller Xxv710 AM2 - Intel Ethernet Controller Xxv710 AM1 - Intel Ethernet Controller X710 AM2 - Intel Ethernet Controller Xl710 AM1 - Intel Ethernet Controller Xl710 AM2 - Intel Ethernet Controller X710 BM2 - Intel Ethernet Controller Xl710 BM2 - Intel Ethernet Controller Xl710 BM1 -	11

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References