Intel Security CenterINTEL:INTEL-SA-00338Intel® PROSet/Wireless WiFi Software Advisory
Summary:
Potential security vulnerabilities in some Intel® PROSet/Wireless WiFi products may allow escalation of privilege or denial of service.** Intel is releasing software updates to mitigate these potential vulnerabilities.**
Vulnerability Details:
CVEID: CVE-2020-0557
Description: Insecure inherited permissions in Intel® PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
CVEID: CVE-2020-0558
Description: Improper buffer restrictions in kernel mode driver for Intel® PROSet/Wireless WiFi products on Windows 10 may allow an unprivileged user to potentially enable denial of service via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVEID: CVE-2020-0569
Description: Out of bounds write in Intel® PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
Intel® PROSet/Wireless WiFi software for the following products before version 21.70:
Intel® Wi-Fi 6 AX201
Intel® Wi-Fi 6 AX200
Intel® Wireless-AC 9560
Intel® Wireless-AC 9462
Intel® Wireless-AC 9461
Intel® Wireless-AC 9260
Intel® Dual Band Wireless-AC 8265
Intel® Dual Band Wireless-AC 8260
Intel® Dual Band Wireless-AC 3168
Intel® Wireless 7265 (Rev D) Family
Intel® Dual Band Wireless-AC 3165
Recommendations:
Intel recommends updating the drivers and software for Intel® PROSet/Wireless WiFi products on Windows 10 to the versions listed below:
Impacted Product
|
Updated Driver Version
—|—
Intel® Wi-Fi 6 AX201
|
21.70.0.6
Intel® Wi-Fi 6 AX200
|
21.70.0.6
Intel® Wireless-AC 9560
|
21.70.0.6
Intel® Wireless-AC 9462
|
21.70.0.6
Intel® Wireless-AC 9461
|
21.70.0.6
Intel® Wireless-AC 9260
|
21.70.0.6
Intel® Dual Band Wireless-AC 8265
|
20.70.16.4
Intel® Dual Band Wireless-AC 8260
|
20.70.16.4
Intel® Dual Band Wireless-AC 3168
|
19.51.27.1
Intel® Wireless 7265 (Rev D) Family
|
19.51.27.1
Intel® Dual Band Wireless-AC 3165
|
19.51.27.1
Driver and software updates are available for download at this location.
Additional support information is available at the Wireless Support site.
Acknowledgements:
Intel would like to thank Kong, Haikuo Xie, Ying Wang and Andrew Hess for reporting these issues.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
Related
