CVE-2022-21181Improper Input Validation in Intel Dual Band Wireless-ac 8260 Firmware

CWE-20Improper Input Validation5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 73.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Intel Dual Band Wireless-ac 8260 FirmwareIntel Dual Band Wireless-ac 8265 FirmwareIntel Killer AC 1550 Firmware+5 more
Timeline
PublishedAug 18
Latest updateAug 19

Description

Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

3
GHSA
GHSA-f9c5-w6cg-h9jq: Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escala2022-08-19
OSV
CVE-2022-21181: Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escala2022-08-18
CVEList
CVE-2022-21181: Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escala2022-08-18

📋Vendor Advisories

1
Debian
CVE-2022-21181: firmware-nonfree - Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) ...2022
CVE-2022-21181 — Improper Input Validation in Intel | cvebase