CVE-2020-0553 — Out-of-bounds Read in Intel AC 3165 Firmware

CWE-125 — Out-of-bounds Read4 documents4 sources

Severity

4.4MEDIUMNVD

EPSS

0.1%

top 83.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel AC 3165 Firmware Intel AC 3168 Firmware Intel AC 7265 Firmware +8 more

Timeline

PublishedAug 13

Latest updateMay 24

Description

Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages11 packages

▶NVDintel/ax200_firmware< 21.70

▶NVDintel/ax201_firmware< 21.70

▶NVDintel/ac_3165_firmware< 21.70

▶NVDintel/ac_3168_firmware< 21.70

▶NVDintel/ac_7265_firmware< 21.70

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-2rj3-qghx-m6qc: Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially e↗2022-05-24

▶

CVEList

CVE-2020-0553: Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially e↗2020-08-13

▶

💬Community

Bugzilla

CVE-2019-11291 rabbitmq-server: not properly sanitized user input may lead to XSS↗2019-12-13

▶