CVE-2020-0554 — Race Condition in Intel AC 3165 Firmware

CWE-362 — Race Condition3 documents3 sources

Severity

7.0HIGHNVD

EPSS

1.5%

top 19.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel AC 3165 Firmware Intel AC 3168 Firmware Intel AC 7265 Firmware +8 more

Timeline

PublishedAug 13

Latest updateMay 24

Description

Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages11 packages

▶NVDintel/ax200_firmware< 21.70+1

▶NVDintel/ax201_firmware< 21.70+1

▶NVDintel/ac_3165_firmware< 21.70+1

▶NVDintel/ac_3168_firmware< 21.70+1

▶NVDintel/ac_7265_firmware< 21.70+1

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-q464-q2vj-24m2: Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8↗2022-05-24

▶

CVEList

CVE-2020-0554: Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8↗2020-08-13

▶