What is CVE-2021-33107?

CVE-2021-33107 is a medium-severity vulnerability in Intel Active_management_technology_software_development_kit, classified under Insufficiently Protected Credentials. CVSS score: 4.6/10. Published 2022-02-09.

How severe is CVE-2021-33107?

Medium severity. CVSS v3 base score is 4.6 out of 10.

Vulnerability in Intel Active_management_technology_software_development_kit

CVE-2021-33107

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unau…

EPSS: 0.002 (15.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.6 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

CWE-522 — Insufficiently Protected Credentials

References

secure@intel.com (Patch, x_refsource_MISC, Vendor Advisory)
secure@intel.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2021-33107?: CVE-2021-33107 is a medium-severity vulnerability in Intel Active_management_technology_software_development_kit, classified under Insufficiently Protected Credentials. CVSS score: 4.6/10. Published 2022-02-09.
How severe is CVE-2021-33107?: Medium severity. CVSS v3 base score is 4.6 out of 10.