#VU50705 Incomplete cleanup in Intel Hardware solutions

Published: 2021-02-15

Vulnerability identifier: #VU50705

Vulnerability risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-24458


Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Intel Wi-Fi 6 AX201
Hardware solutions / Firmware
Intel Wi-Fi 6 AX200
Hardware solutions / Firmware
Intel Wireless-AC 9560
Hardware solutions / Firmware
Intel Wireless-AC 9462
Hardware solutions / Firmware
Intel Wireless-AC 9461
Hardware solutions / Firmware
Killer Wi-Fi 6 AX1650
Hardware solutions / Firmware
Killer Wireless-AC 1550
Hardware solutions / Firmware
Hardware solutions / Firmware
Intel PROSet/Wireless WiFi Software
Hardware solutions / Drivers

Vendor: Intel


The vulnerability allows a remote user to compromise the target system.

The vulnerability exists due to an incomplete cleanup. A remote administrator on the local network can enable information disclosure and denial of service.

Install updates from vendor's website.

Vulnerable software versions

Intel Wi-Fi 6 AX201: All versions

Intel Wi-Fi 6 AX200: All versions

Intel Wireless-AC 9560: All versions

Intel Wireless-AC 9462: All versions

Intel Wireless-AC 9461: All versions

Killer Wi-Fi 6 AX1650: All versions

Killer Wireless-AC 1550: All versions

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability