CVE-2022-21240

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

4.4MEDIUM

EPSS

0.1%

top 65.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Proset Wi-fi 6E Ax210 Firmware Intel Wi-fi 6E Ax211 Firmware Intel Wi-fi 6E Ax411 Firmware +1 more

Timeline

PublishedAug 18

Latest updateAug 19

Description

Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5intel(r)_proset/wireless_wifi_productsSee references

▶NVDintel/proset_wi-fi_6e_ax210_firmware< 22.120

▶NVDintel/wi-fi_6e_ax211_firmware< 22.120

▶NVDintel/wi-fi_6e_ax411_firmware< 22.120

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-98j5-35x9-cvvc: Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local↗2022-08-19

▶

CVEList

CVE-2022-21240: Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local↗2022-08-18

▶