CVE-2023-28376

MEDIUM

Intel E810 Ethernet Adapter Firmware < 1.7.1 - Unauthenticated Denial of Service via Out-of-bounds Read

Title source: llm

Description

Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

References (2)

Core 2

Core References

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00869.html

Vendor Advisory

https://security.netapp.com/advisory/ntap-20231221-0007/

Scores

CVSS v3 6.5

EPSS 0.0038

EPSS Percentile 30.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-125

Status published

Products (7)

intel/ethernet_network_adapter_e810-2cqda2_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda1_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda1_for_ocp_3.0_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda1_for_ocp_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda2_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda2_for_ocp_3.0_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda2t_firmware < 1.7.1

Published Nov 14, 2023

Tracked Since Feb 18, 2026