Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00520
HistoryJun 08, 2021 - 12:00 a.m.

Intel® Wireless Bluetooth® and Killer™ Bluetooth® Advisory

2021-06-0800:00:00
Intel Security Center
www.intel.com
27
JSON

Summary:

Potential security vulnerabilities in Intel® Wireless Bluetooth® products and Killer™ Bluetooth® products may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2020-26555 (Non-Intel issued)

Intel Description (official wording not yet available): Improper access control in some Intel® Wireless Bluetooth® products in multiple operating systems and Killer™ Bluetooth® products in Windows 10 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

CVSS Base Score: 5.4 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CVEID: CVE-2020-26558 (Non-Intel issued)

Intel Description (official wording not yet available): Improper authentication in some Intel® Wireless Bluetooth® products in multiple operating systems and Killer™ Bluetooth® products in Windows 10 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

CVSS Base Score: 4.6 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products:

Intel® Wireless Bluetooth® products:

Intel® Wi-Fi 6 AX210

Intel® Wi-Fi 6 AX201

Intel® Wi-Fi 6 AX200

Intel® Wireless-AC 9560

Intel® Wireless-AC 9462

Intel® Wireless-AC 9461

Intel® Wireless-AC 9260

Intel® Dual Band Wireless-AC 8265

Intel® Dual Band Wireless-AC 8260

Intel® Dual Band Wireless-AC 3168

Intel® Wireless 7265 (Rev D) Family

Intel® Dual Band Wireless-AC 3165

Killer™ Bluetooth® products:

Killer™ Wi-Fi 6E AX1675

Killer™ Wi-Fi 6 AX1650

Killer™ Wireless-AC 1550

Recommendation:

Windows OS:*

Intel recommends updating affected Intel® Wireless Bluetooth® and Killer™ Bluetooth® products to version 22.50 or later.

For Windows* 10, updates are available for download at this location:

<https://www.intel.com/content/www/us/en/support.html&gt;

Customers can also download the latest available firmware from the Intel Customer Support site here.

Updates for Killer™ drivers with Windows 10 are available for download at this location: <https://www.intel.com/content/www/us/en/secure/design/confidential/products-and-solutions/wireless-and-modems/wireless-software/killer-performance-suite.html&gt;

Linux OS:

Intel® Wireless Bluetooth® firmware to mitigate these vulnerabilities will be up streamed to Linux before May 23rd, 2021.

Consult the regular Open Source channels to obtain this update.

Chrome OS:

Intel® Wireless Bluetooth® firmware to mitigate these vulnerabilities will be up streamed to Chromium.

For any Google Chrome OS solution and schedule, please contact Google directly.

Acknowledgements:

These issues were found externally.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

hp 1
openvas 39
fedora 1
cve 2
prion 2
nessus 53
osv 15
debiancve 2
redhatcve 2
ubuntucve 2
veracode 1
cbl_mariner 1
oraclelinux 3
redhat 1
lenovo 1
thn 1
cert 1
mageia 3
debian 5
intel 1
ubuntu 8
suse 4
cloudfoundry 2
gentoo 1
amazon 2
photon 3
slackware 1
ics 1
avleonov 1
hp
hp
Intel® Wireless Bluetooth® and Killer™ Bluetooth® June 2021 Security Update
2021-06-08 00:00:00
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2021-a35b44fd9f)
2021-06-03 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1487)
2023-03-09 00:00:00
openSUSE: Security Advisory for bluez (openSUSE-SU-2021:2291-1)
2021-07-13 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: kernel-5.12.7-300.fc34
2021-05-28 01:01:35
cve
cve
CVE-2020-26555
2021-05-24 18:15:00
CVE-2020-26558
2021-05-24 18:15:00
prion
prion
Code injection
2021-05-24 18:15:00
Authentication flaw
2021-05-24 18:15:00
nessus
nessus
RHEL 8 : bluez (RHSA-2021:4432)
2021-11-11 00:00:00
Oracle Linux 8 : bluez (ELSA-2021-4432)
2023-09-07 00:00:00
CentOS 8 : bluez (CESA-2021:4432)
2021-11-11 00:00:00
osv
osv
Bluetooth security notice (VU#799380.7 TLP:AMBER)
2021-06-01 00:00:00
CVE-2020-26558
2021-05-24 18:15:07
Bluetooth security notice: (VU#799380.8 TLP:AMBER)
2021-06-01 00:00:00
debiancve
debiancve
CVE-2020-26555
2021-05-24 18:15:00
CVE-2020-26558
2021-05-24 18:15:00
redhatcve
redhatcve
CVE-2020-26555
2021-05-26 13:14:29
CVE-2020-26558
2021-05-26 13:13:35
ubuntucve
ubuntucve
CVE-2020-26555
2021-05-24 00:00:00
CVE-2020-26558
2021-06-08 00:00:00
veracode
veracode
Man-in-the-middle (MITM)
2021-06-16 13:50:27
cbl_mariner
cbl_mariner
CVE-2020-26558 affecting package kernel 5.10.111.1-1
2022-05-26 19:04:50
oraclelinux
oraclelinux
bluez security update
2021-11-24 00:00:00
Unbreakable Enterprise kernel security update
2024-02-01 00:00:00
Unbreakable Enterprise kernel security update
2024-02-13 00:00:00
redhat
redhat
(RHSA-2021:4432) Moderate: bluez security update
2021-11-09 09:21:28
lenovo
lenovo
Multiple Bluetooth Core Specification Vulnerabilities - Lenovo Support NL
2021-06-08 01:15:10
thn
thn
New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices
2021-05-25 05:17:00
cert
cert
Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
2021-05-24 00:00:00
mageia
mageia
Updated bluez packages fix security vulnerability
2021-06-23 20:11:28
Updated kernel-linus packages fix security vulnerabilities
2023-11-30 01:29:41
Updated kernel packages fix security vulnerabilities and other bugs
2023-11-28 20:12:52
debian
debian
[SECURITY] [DLA 2692-1] bluez security update
2021-06-26 23:26:46
[SECURITY] [DSA 4951-1] bluez security update
2021-08-07 18:51:55
[SECURITY] [DSA 4951-1] bluez security update
2021-08-07 18:51:55
intel
intel
BlueZ Advisory
2021-06-08 00:00:00
ubuntu
ubuntu
BlueZ vulnerabilities
2021-06-16 00:00:00
BlueZ vulnerabilities
2021-06-16 00:00:00
Linux kernel vulnerabilities
2021-07-20 00:00:00
suse
suse
Security update for bluez (moderate)
2021-07-12 00:00:00
Security update for the Linux Kernel (important)
2021-06-28 00:00:00
Security update for the Linux Kernel (important)
2021-06-30 00:00:00
cloudfoundry
cloudfoundry
USN-5017-1: Linux kernel vulnerabilities | Cloud Foundry
2021-09-07 00:00:00
USN-5343-1: Linux kernel vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
gentoo
gentoo
BlueZ: Multiple Vulnerabilities
2022-09-29 00:00:00
amazon
amazon
Important: kernel
2021-07-14 20:35:00
Important: kernel
2021-07-14 20:35:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0278
2021-08-01 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0278
2021-08-01 00:00:00
Critical Photon OS Security Update - PHSA-2021-0409
2021-07-01 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2021-07-21 05:44:30
ics
ics
Siemens SIMATIC
2024-03-14 12:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13
JSON
Related for INTEL:INTEL-SA-00520
hp1openvas39fedora1cve2prion2nessus53osv15debiancve2redhatcve2ubuntucve2veracode1cbl_mariner1oraclelinux3redhat1lenovo1thn1cert1mageia3debian5intel1ubuntu8suse4cloudfoundry2gentoo1amazon2photon3slackware1ics1avleonov1