CVE-2023-28376

MEDIUM

Intel Ethernet Network Adapter E810-2... - Out-of-Bounds Read

Title source: rule

Description

Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

References (2)

Core 2

Core References

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00869.html

Vendor Advisory

https://security.netapp.com/advisory/ntap-20231221-0007/

Scores

CVSS v3 6.5

EPSS 0.0008

EPSS Percentile 23.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-125

Status published

Products (7)

intel/ethernet_network_adapter_e810-2cqda2_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda1_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda1_for_ocp_3.0_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda1_for_ocp_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda2_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda2_for_ocp_3.0_firmware < 1.7.1

intel/ethernet_network_adapter_e810-cqda2t_firmware < 1.7.1

Published Nov 14, 2023

Tracked Since Feb 18, 2026