Wireless Ac 9560 Firmware
CVE-2022-21139
HIGH
Severity by source
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
AnalysisAI
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-326. Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Affected products include: Intel Wireless-Ac 9560 Firmware, Intel Wireless-Ac 9462 Firmware, Intel Wireless-Ac 9461 Firmware, Intel Wireless-Ac 9260 Firmware, Intel Proset Wi-Fi 6E Ax210 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Wireless Ac 9560 Firmware
View allImproper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthent
Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable
Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged use
Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable
Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potential
Improper buffer restrictions for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potent
Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated u
Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potential
Improper input validation in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthentic
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user
Same weakness CWE-326 – Inadequate Encryption Strength
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today