Multiple vulnerabilities in Intel PROSet/Wireless Wi-Fi, AMT Wireless and Killer Wi-Fi Software



Published: 2022-02-10
Risk Medium
Patch available YES
Number of vulnerabilities 23
CVE-ID CVE-2021-0172
CVE-2021-0072
CVE-2021-0183
CVE-2021-0179
CVE-2021-0178
CVE-2021-0177
CVE-2021-0176
CVE-2021-0076
CVE-2021-0175
CVE-2021-0174
CVE-2021-0173
CVE-2021-0171
CVE-2021-0162
CVE-2021-0170
CVE-2021-0168
CVE-2021-0169
CVE-2021-0167
CVE-2021-0166
CVE-2021-0066
CVE-2021-0165
CVE-2021-0164
CVE-2021-0161
CVE-2021-0163
CWE-ID CWE-20
CWE-200
CWE-284
CWE-426
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Intel Wi-Fi 6E AX210
Hardware solutions / Firmware

Intel Wi-Fi 6 AX201
Hardware solutions / Firmware

Intel Wi-Fi 6 AX200
Hardware solutions / Firmware

Intel Wireless-AC 9560
Hardware solutions / Firmware

Intel Wireless-AC 9462
Hardware solutions / Firmware

Intel Wireless-AC 9461
Hardware solutions / Firmware

Intel Wireless-AC 9260
Hardware solutions / Firmware

Intel Dual Band Wireless-AC 8265
Hardware solutions / Firmware

Intel Dual Band Wireless-AC 8260
Hardware solutions / Firmware

Intel Dual Band Wireless-AC 3168
Hardware solutions / Firmware

Intel Wireless 7265 (Rev D) Family
Hardware solutions / Firmware

Intel Dual Band Wireless-AC 3165
Hardware solutions / Firmware

Intel Wi-Fi 6 AX210
Hardware solutions / Firmware

Killer Wi-Fi 6E AX1675
Hardware solutions / Firmware

Killer Wi-Fi 6 AX1650
Hardware solutions / Firmware

Killer Wireless-AC 1550
Hardware solutions / Firmware

Intel Active Management Technology Wireless
Hardware solutions / Firmware

Killer
Hardware solutions / Firmware

Intel PROSet/Wireless WiFi Software
Hardware solutions / Drivers

Vendor Intel

Security Bulletin

This security bulletin contains information about 23 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU60505

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0172

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Information disclosure

EUVDB-ID: #VU60515

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0072

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Input validation error

EUVDB-ID: #VU60514

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0183

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of specified index, position, or offset in Input in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Input validation error

EUVDB-ID: #VU60513

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0179

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper use of validation framework in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Input validation error

EUVDB-ID: #VU60512

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0178

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Input validation error

EUVDB-ID: #VU60511

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0177

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of consistency within input in software. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Input validation error

EUVDB-ID: #VU60510

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0176

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Input validation error

EUVDB-ID: #VU60509

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0076

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of specified index, position, or offset in Input in firmware. A local administrator can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Input validation error

EUVDB-ID: #VU60508

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0175

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of specified index, position, or offset in Input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Input validation error

EUVDB-ID: #VU60507

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0174

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper use of validation framework in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Input validation error

EUVDB-ID: #VU60506

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0173

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of consistency within input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Improper access control

EUVDB-ID: #VU60504

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0171

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in software. A local user can bypass implemented security restrictions and enable information disclosure.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Input validation error

EUVDB-ID: #VU60494

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0162

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in software. A remote attacker on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Information disclosure

EUVDB-ID: #VU60503

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0170

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to exposure of sensitive information to an unauthorized actor in firmware. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Input validation error

EUVDB-ID: #VU60502

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0168

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator can enable escalation of privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Untrusted search path

EUVDB-ID: #VU60501

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0169

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to uncontrolled search path element in software. A local administrator can enable escalation of privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Improper access control

EUVDB-ID: #VU60500

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0167

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in software. A local administrator can bypass implemented security restrictions and gain elevated privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Input validation error

EUVDB-ID: #VU60499

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0166

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to exposure of sensitive information to an unauthorized actor in firmware. A local administrator can enable escalation of privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Input validation error

EUVDB-ID: #VU60516

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0066

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local attacker can pass specially crafted input to the application and gain elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Input validation error

EUVDB-ID: #VU60498

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-0165

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in firmware. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Improper access control

EUVDB-ID: #VU60497

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0164

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in firmware. A local user can bypass implemented security restrictions and gain elevated privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Input validation error

EUVDB-ID: #VU60496

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0161

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in firmware. A local administrator on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Input validation error

EUVDB-ID: #VU60495

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0163

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to improper validation of consistency within input in software. A remote attacker on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6E AX210: All versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Intel Wireless-AC 9260: All versions

Intel Dual Band Wireless-AC 8265: All versions

Intel Dual Band Wireless-AC 8260: All versions

Intel Dual Band Wireless-AC 3168: All versions

Intel Wireless 7265 (Rev D) Family: All versions

Intel Dual Band Wireless-AC 3165: All versions

Intel Wi-Fi 6 AX210: All versions

Killer Wi-Fi 6E AX1675: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

Intel PROSet/Wireless WiFi Software: before 22.60

Intel Active Management Technology Wireless: before 11.8.90

Killer: before 3.0


CPE2.3 External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###