Risk | Low |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2021-33847 CVE-2021-26257 CVE-2021-26950 CVE-2021-23179 |
CWE-ID | CWE-119 CWE-125 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Intel Wi-Fi 6 AX411 Hardware solutions / Firmware Intel Wi-Fi 6 AX211 Hardware solutions / Firmware Intel Wi-Fi 6 AX210 Hardware solutions / Firmware Intel Wi-Fi 6 AX201 Hardware solutions / Firmware Intel Wi-Fi 6 AX200 Hardware solutions / Firmware Intel Wireless-AC 9560 Hardware solutions / Firmware Intel Wireless-AC 9462 Hardware solutions / Firmware Intel Wireless-AC 9461 Hardware solutions / Firmware Intel Wireless-AC 9260 Hardware solutions / Firmware Intel Dual Band Wireless-AC 8265 Hardware solutions / Firmware Intel Dual Band Wireless-AC 8260 Hardware solutions / Firmware Intel Dual Band Wireless-AC 3168 Hardware solutions / Firmware Intel Wireless 7265 (Rev D) Family Hardware solutions / Firmware Intel Dual Band Wireless-AC 3165 Hardware solutions / Firmware Killer Wi-Fi 6E AX1690 Hardware solutions / Firmware Killer Wi-Fi 6E AX1675 Hardware solutions / Firmware Killer Wi-Fi 6 AX1650 Hardware solutions / Firmware Killer Wireless-AC 1550 Hardware solutions / Firmware |
Vendor |
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU66421
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2021-33847
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in firmware. A local user can trigger memory corruption and gain elevated privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6 AX411: before 22.120
Intel Wi-Fi 6 AX211: before 22.120
Intel Wi-Fi 6 AX210: before 22.120
Intel Wi-Fi 6 AX201: before 22.120
Intel Wi-Fi 6 AX200: before 22.120
Intel Wireless-AC 9560: before 22.120
Intel Wireless-AC 9462: before 22.120
Intel Wireless-AC 9461: before 22.120
Intel Wireless-AC 9260: before 22.120
Intel Dual Band Wireless-AC 8265: before 22.120
Intel Dual Band Wireless-AC 8260: before 22.120
Intel Dual Band Wireless-AC 3168: before 22.120
Intel Wireless 7265 (Rev D) Family: before 22.120
Intel Dual Band Wireless-AC 3165: before 22.120
Killer Wi-Fi 6E AX1690: before 22.120
Killer Wi-Fi 6E AX1675: before 22.120
Killer Wi-Fi 6 AX1650: before 22.120
Killer Wireless-AC 1550: before 22.120
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU66423
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2021-26257
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in firmware. A local user can trigger memory corruption and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6 AX411: before 22.120
Intel Wi-Fi 6 AX211: before 22.120
Intel Wi-Fi 6 AX210: before 22.120
Intel Wi-Fi 6 AX201: before 22.120
Intel Wi-Fi 6 AX200: before 22.120
Intel Wireless-AC 9560: before 22.120
Intel Wireless-AC 9462: before 22.120
Intel Wireless-AC 9461: before 22.120
Intel Wireless-AC 9260: before 22.120
Intel Dual Band Wireless-AC 8265: before 22.120
Intel Dual Band Wireless-AC 8260: before 22.120
Intel Dual Band Wireless-AC 3168: before 22.120
Intel Wireless 7265 (Rev D) Family: before 22.120
Intel Dual Band Wireless-AC 3165: before 22.120
Killer Wi-Fi 6E AX1690: before 22.120
Killer Wi-Fi 6E AX1675: before 22.120
Killer Wi-Fi 6 AX1650: before 22.120
Killer Wireless-AC 1550: before 22.120
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU66424
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2021-26950
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in firmware. A local user can trigger out-of-bounds read error and cause a denial of service condition on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6 AX411: before 22.120
Intel Wi-Fi 6 AX211: before 22.120
Intel Wi-Fi 6 AX210: before 22.120
Intel Wi-Fi 6 AX201: before 22.120
Intel Wi-Fi 6 AX200: before 22.120
Intel Wireless-AC 9560: before 22.120
Intel Wireless-AC 9462: before 22.120
Intel Wireless-AC 9461: before 22.120
Intel Wireless-AC 9260: before 22.120
Intel Dual Band Wireless-AC 8265: before 22.120
Intel Dual Band Wireless-AC 8260: before 22.120
Intel Dual Band Wireless-AC 3168: before 22.120
Intel Wireless 7265 (Rev D) Family: before 22.120
Intel Dual Band Wireless-AC 3165: before 22.120
Killer Wi-Fi 6E AX1690: before 22.120
Killer Wi-Fi 6E AX1675: before 22.120
Killer Wi-Fi 6 AX1650: before 22.120
Killer Wireless-AC 1550: before 22.120
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU66425
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2021-23179
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local userto gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in firmware. A local administrator can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Wi-Fi 6 AX411: before 22.120
Intel Wi-Fi 6 AX211: before 22.120
Intel Wi-Fi 6 AX210: before 22.120
Intel Wi-Fi 6 AX201: before 22.120
Intel Wi-Fi 6 AX200: before 22.120
Intel Wireless-AC 9560: before 22.120
Intel Wireless-AC 9462: before 22.120
Intel Wireless-AC 9461: before 22.120
Intel Wireless-AC 9260: before 22.120
Intel Dual Band Wireless-AC 8265: before 22.120
Intel Dual Band Wireless-AC 8260: before 22.120
Intel Dual Band Wireless-AC 3168: before 22.120
Intel Wireless 7265 (Rev D) Family: before 22.120
Intel Dual Band Wireless-AC 3165: before 22.120
Killer Wi-Fi 6E AX1690: before 22.120
Killer Wi-Fi 6E AX1675: before 22.120
Killer Wi-Fi 6 AX1650: before 22.120
Killer Wireless-AC 1550: before 22.120
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?