CVE-2024-23198
Severity
6.8MEDIUM
EPSS
0.1%
top 82.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 13
Description
Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.
CVSS vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Packages4 packages
▶CVEListV5intel(r)_proset/wireless_software_and_intel(r)_killer(tm)_wi-fi_productsbefore version 23.40
🔴Vulnerability Details
3GHSA▶
GHSA-r962-v37q-hrg6: Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23↗2024-11-13
OSV▶
CVE-2024-23198: Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23↗2024-11-13
CVEList▶
CVE-2024-23198: Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23↗2024-11-13
📋Vendor Advisories
1Debian▶
CVE-2024-23198: firmware-nonfree - Improper input validation in firmware for some Intel(R) PROSet/Wireless Software...↗2024