CVE-2020-12313 — Improper Privilege Management in Intel Proset Wireless Wifi

CWE-269 — Improper Privilege Management4 documents4 sources

Severity

8.8HIGHNVD

EPSS

0.3%

top 43.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Proset Wireless Wifi Intel Proset Wireless Wifi

Timeline

PublishedNov 13

Latest updateMay 24

Description

Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDintel/proset_wireless_wifi< 21.110

▶CVEListV5intel_proset/wireless_wifibefore version 21.110

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-5rhm-j8p2-pc44: Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21↗2022-05-24

▶

CVEList

CVE-2020-12313: Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21↗2020-11-13

▶

OSV

CVE-2020-12313: Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21↗2020-11-13

▶