Multiple vulnerabilities in Intel PROSet/Wireless Wi-Fi, AMT Wireless and Killer Wi-Fi Software
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 23 |
| CVE-ID | CVE-2021-0172 CVE-2021-0072 CVE-2021-0183 CVE-2021-0179 CVE-2021-0178 CVE-2021-0177 CVE-2021-0176 CVE-2021-0076 CVE-2021-0175 CVE-2021-0174 CVE-2021-0173 CVE-2021-0171 CVE-2021-0162 CVE-2021-0170 CVE-2021-0168 CVE-2021-0169 CVE-2021-0167 CVE-2021-0166 CVE-2021-0066 CVE-2021-0165 CVE-2021-0164 CVE-2021-0161 CVE-2021-0163 |
| CWE-ID | CWE-20 CWE-200 CWE-284 CWE-426 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Intel Wi-Fi 6E AX210 Hardware solutions / Firmware Intel Wi-Fi 6 AX201 Hardware solutions / Firmware Intel Wi-Fi 6 AX200 Hardware solutions / Firmware Intel Wireless-AC 9560 Hardware solutions / Firmware Intel Wireless-AC 9462 Hardware solutions / Firmware Intel Wireless-AC 9461 Hardware solutions / Firmware Intel Wireless-AC 9260 Hardware solutions / Firmware Intel Dual Band Wireless-AC 8265 Hardware solutions / Firmware Intel Dual Band Wireless-AC 8260 Hardware solutions / Firmware Intel Dual Band Wireless-AC 3168 Hardware solutions / Firmware Intel Wireless 7265 (Rev D) Family Hardware solutions / Firmware Intel Dual Band Wireless-AC 3165 Hardware solutions / Firmware Intel Wi-Fi 6 AX210 Hardware solutions / Firmware Killer Wi-Fi 6E AX1675 Hardware solutions / Firmware Killer Wi-Fi 6 AX1650 Hardware solutions / Firmware Killer Wireless-AC 1550 Hardware solutions / Firmware Intel Active Management Technology Wireless Hardware solutions / Firmware Killer Hardware solutions / Firmware Intel PROSet/Wireless WiFi Software Hardware solutions / Drivers |
| Vendor | Intel |
Security Bulletin
This security bulletin contains information about 23 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU60505
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0172
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU60515
Risk: Low
CVSSv3.1: 3.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0072
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU60514
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0183
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of specified index, position, or offset in Input in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU60513
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0179
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper use of validation framework in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU60512
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0178
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU60511
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0177
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of consistency within input in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU60510
Risk: Low
CVSSv3.1: 4.5 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0176
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Input validation error
EUVDB-ID: #VU60509
Risk: Low
CVSSv3.1: 4.5 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0076
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of specified index, position, or offset in Input in firmware. A local administrator can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Input validation error
EUVDB-ID: #VU60508
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0175
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of specified index, position, or offset in Input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU60507
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0174
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper use of validation framework in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Input validation error
EUVDB-ID: #VU60506
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0173
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of consistency within input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper access control
EUVDB-ID: #VU60504
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0171
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in software. A local user can bypass implemented security restrictions and enable information disclosure.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Input validation error
EUVDB-ID: #VU60494
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0162
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in software. A remote attacker on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Information disclosure
EUVDB-ID: #VU60503
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0170
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to exposure of sensitive information to an unauthorized actor in firmware. A local user can gain unauthorized access to sensitive information on the system.
Install updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Input validation error
EUVDB-ID: #VU60502
Risk: Low
CVSSv3.1: 3.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0168
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator can enable escalation of privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Untrusted search path
EUVDB-ID: #VU60501
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0169
CWE-ID:
CWE-426 - Untrusted Search Path
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to uncontrolled search path element in software. A local administrator can enable escalation of privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper access control
EUVDB-ID: #VU60500
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0167
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in software. A local administrator can bypass implemented security restrictions and gain elevated privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Input validation error
EUVDB-ID: #VU60499
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0166
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to exposure of sensitive information to an unauthorized actor in firmware. A local administrator can enable escalation of privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Input validation error
EUVDB-ID: #VU60516
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0066
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local attacker can pass specially crafted input to the application and gain elevated privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Input validation error
EUVDB-ID: #VU60498
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0165
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper access control
EUVDB-ID: #VU60497
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0164
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in firmware. A local user can bypass implemented security restrictions and gain elevated privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Input validation error
EUVDB-ID: #VU60496
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0161
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Input validation error
EUVDB-ID: #VU60495
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0163
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to improper validation of consistency within input in software. A remote attacker on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6E AX210: All versions
Intel Wi-Fi 6 AX201: All versions
Intel Wi-Fi 6 AX200: All versions
Intel Wireless-AC 9560: All versions
Intel Wireless-AC 9462: All versions
Intel Wireless-AC 9461: All versions
Intel Wireless-AC 9260: All versions
Intel Dual Band Wireless-AC 8265: All versions
Intel Dual Band Wireless-AC 8260: All versions
Intel Dual Band Wireless-AC 3168: All versions
Intel Wireless 7265 (Rev D) Family: All versions
Intel Dual Band Wireless-AC 3165: All versions
Intel Wi-Fi 6 AX210: All versions
Killer Wi-Fi 6E AX1675: All versions
Killer Wi-Fi 6 AX1650: All versions
Killer Wireless-AC 1550: All versions
Intel PROSet/Wireless WiFi Software: before 22.60
Intel Active Management Technology Wireless: before 15.0.35
Killer: before 3.0
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
