CVE-2020-0569

CWE-787 — Out-of-bounds Write CWE-7313 documents10 sources

Severity

5.7MEDIUM

EPSS

0.3%

top 43.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel 7265 Firmware Intel AC 3165 Firmware Intel AC 3168 Firmware +13 more

Timeline

PublishedNov 23

Latest updateMay 24

Description

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.1 | Impact: 3.6

Affected Packages15 packages

▶CVEListV5intel(r)_proset/wireless_wifi_products_on_windows_10before version 21.70

▶NVDintel/7265_firmware< 21.70

▶NVDintel/ax200_firmware< 21.70

▶NVDintel/ax201_firmware< 21.70

▶NVDintel/ac_3165_firmware< 21.70

Also affects: Debian Linux 10.0, 8.0, 9.0, Ubuntu Linux 16.04, 18.04, 19.10

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-jmp3-vh9c-94m8: Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service vi↗2022-05-24

▶

CVEList

CVE-2020-0569: Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service vi↗2020-11-23

▶

OSV

CVE-2020-0569: Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service vi↗2020-11-23

▶

📋Vendor Advisories

Microsoft

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.↗2020-11-10

▶

Ubuntu

Qt vulnerabilities↗2020-02-10

▶

Red Hat

qt: files placed by attacker can influence the working directory and lead to malicious code execution↗2020-02-07

▶

Debian

CVE-2020-0569: qtbase-opensource-src - Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may ...↗2020

▶

💬Community

Bugzilla

CVE-2020-0569 qt5-qtbase: qt: files placed by attacker can influence the working directory and lead to malicious code execution [epel-6]↗2020-03-18

▶

Bugzilla

CVE-2020-0569 qt5-qtbase: qt: files placed by attacker can influence the working directory and lead to malicious code execution [fedora-all]↗2020-03-17

▶

Bugzilla

CVE-2020-0569 qt: files placed by attacker can influence the working directory and lead to malicious code execution [fedora-all]↗2020-02-07

▶

Bugzilla

CVE-2020-0569 qt: files placed by attacker can influence the working directory and lead to malicious code execution↗2020-02-07

▶