CVE-2021-0105

CWE-732 — Incorrect Permission Assignment CWE-276 — Incorrect Default Permissions3 documents3 sources

Severity

7.3HIGH

EPSS

0.1%

top 77.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel AC 9461 Firmware Intel AC 9462 Firmware Intel AC 9560 Firmware +3 more

Timeline

PublishedJun 9

Latest updateMay 24

Description

Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclosure and denial of service via adjacent access.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 2.1 | Impact: 5.2

Affected Packages6 packages

▶CVEListV5intel(r)_proset/wireless_wifi_driversSee references

▶NVDintel/ac_9461_firmware< 22.0

▶NVDintel/ac_9462_firmware< 22.0

▶NVDintel/ac_9560_firmware< 22.0

▶NVDintel/wi-fi_6_ax200_firmware< 22.0

🔴Vulnerability Details

GHSA

GHSA-89gg-fwfj-q83q: Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclos↗2022-05-24

▶

CVEList

CVE-2021-0105: Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclos↗2021-06-09

▶