Lucene search

K
intelIntel Security CenterINTEL:INTEL-SA-00338
HistoryFeb 11, 2021 - 12:00 a.m.

Intel® PROSet/Wireless WiFi Software Advisory

2021-02-1100:00:00
Intel Security Center
www.intel.com
14

EPSS

0.003

Percentile

69.5%

Summary:

Potential security vulnerabilities in some Intel® PROSet/Wireless WiFi products may allow escalation of privilege or denial of service.** Intel is releasing software updates to mitigate these potential vulnerabilities.**

Vulnerability Details:

CVEID: CVE-2020-0557

Description: Insecure inherited permissions in Intel® PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVEID: CVE-2020-0558

Description: Improper buffer restrictions in kernel mode driver for Intel® PROSet/Wireless WiFi products on Windows 10 may allow an unprivileged user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVEID: CVE-2020-0569

Description: Out of bounds write in Intel® PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

Intel® PROSet/Wireless WiFi software for the following products before version 21.70:

Intel® Wi-Fi 6 AX201
Intel® Wi-Fi 6 AX200
Intel® Wireless-AC 9560
Intel® Wireless-AC 9462
Intel® Wireless-AC 9461
Intel® Wireless-AC 9260
Intel® Dual Band Wireless-AC 8265
Intel® Dual Band Wireless-AC 8260
Intel® Dual Band Wireless-AC 3168
Intel® Wireless 7265 (Rev D) Family
Intel® Dual Band Wireless-AC 3165

Recommendations:

Intel recommends updating the drivers and software for Intel® PROSet/Wireless WiFi products on Windows 10 to the versions listed below:

Impacted Product

|

Updated Driver Version

—|—

Intel® Wi-Fi 6 AX201

|

21.70.0.6

Intel® Wi-Fi 6 AX200

|

21.70.0.6

Intel® Wireless-AC 9560

|

21.70.0.6

Intel® Wireless-AC 9462

|

21.70.0.6

Intel® Wireless-AC 9461

|

21.70.0.6

Intel® Wireless-AC 9260

|

21.70.0.6

Intel® Dual Band Wireless-AC 8265

|

20.70.16.4

Intel® Dual Band Wireless-AC 8260

|

20.70.16.4

Intel® Dual Band Wireless-AC 3168

|

19.51.27.1

Intel® Wireless 7265 (Rev D) Family

|

19.51.27.1

Intel® Dual Band Wireless-AC 3165

|

19.51.27.1

Driver and software updates are available for download at this location.

Additional support information is available at the Wireless Support site.

Acknowledgements:

Intel would like to thank Kong, Haikuo Xie, Ying Wang and Andrew Hess for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.