CVE-2024-25563

CWE-6655 documents5 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 72.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Intel KillerIntel Proset\/wireless WifiIntel(r) Proset Wireless Software AND Intel(r) Killer(tm) Wi-fi
Timeline
PublishedNov 13

Description

Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages4 packages

NVDintel/killer< 23.40.0
Debianfirmware-nonfree< 20240610-1+1

🔴Vulnerability Details

3
OSV
CVE-2024-25563: Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 232024-11-13
CVEList
CVE-2024-25563: Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 232024-11-13
GHSA
GHSA-9hqp-3p4c-742r: Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 232024-11-13

📋Vendor Advisories

1
Debian
CVE-2024-25563: firmware-nonfree - Improper initialization in firmware for some Intel(R) PROSet/Wireless Software a...2024
CVE-2024-25563 (MEDIUM CVSS 4.6) | Improper initialization in firmware | cvebase.io