CVE-2022-21172 — Out-of-bounds Write in Intel Proset Wi-fi 6E Ax210 Firmware

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

6.7MEDIUMNVD

EPSS

0.1%

top 65.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Proset Wi-fi 6E Ax210 Firmware Intel Wi-fi 6E Ax211 Firmware Intel Wi-fi 6E Ax411 Firmware +1 more

Timeline

PublishedAug 18

Latest updateAug 19

Description

Out of bounds write for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5intel_proset/wireless_wifi_productsSee references

▶NVDintel/proset_wi-fi_6e_ax210_firmware< 22.120

▶NVDintel/wi-fi_6e_ax211_firmware< 22.120

▶NVDintel/wi-fi_6e_ax411_firmware< 22.120

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-46gj-7wx3-prhg: Out of bounds write for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable escalation of privilege via loca↗2022-08-19

▶

CVEList

CVE-2022-21172: Out of bounds write for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable escalation of privilege via loca↗2022-08-18

▶