CVE-2021-33150

high-risk
Published 2022-03-11

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Do I need to act?

-
0.33% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.8/10 Medium
PHYSICAL / LOW complexity

Affected Products (20)

Atom C2308
Atom C2316
Atom C2338
Atom C2350
Atom C2358
Atom C2508
Atom C2516
Atom C2518
Atom C2530
Atom C2538
Atom C2550
Atom C2558
Atom C2718
Atom C2730
Atom C2738
Atom C2750
Atom C2758
Atom C3308
Atom C3336
Atom C3338

Affected Vendors

Intel

References (2)

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00609....
Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00609....
56
/ 100
high-risk
Severity 22/34 · High
Exploitability 1/34 · Minimal
Exposure 33/34 · Critical