Intel Security CenterINTEL:INTEL-SA-00699Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi Advisory
Summary:
A potential security vulnerability in some Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi products may allow denial of service.** **Intel is releasing a firmware update to mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2022-26047
Description: Improper input validation for some Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi products may allow unauthenticated user to potentially enable denial of service via local access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L****
Affected Products:
Intel® PROSet/Wireless WiFi firmware before version 22.140, Killer™ WiFi firmware before version 3.1122.3158 and UEFI version 2.2.14.22176.2.
CVE ID
|
Affected Products
|
Affected OS
—|—|—
CVE-2022-26047
|
Intel® Wi-Fi 6E AX411
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX210
Intel® Wi-Fi 6 AX201
Intel® Wi-Fi 6 AX200
|
Windows 10 & 11
Linux
Chrome OS
UEFI
CSME
CVE-2022-26047
|
Killer™ Wi-Fi 6E AX1690
Killer™ Wi-Fi 6E AX1675
Killer™ Wi-Fi 6 AX1650
|
Windows 10 & 11
Recommendations:
Windows:
Intel recommends updating Intel® PROSet/Wireless WiFi software to version 22.140 or later.
Updates are available for download at this location:
Intel recommends updating Killer™ WiFi software to version 3.1122.3158 or later.
Updates for Killer™ products are available for download at this location:
UEFI:
Intel recommends updating Intel® PROSet/Wireless WiFi UEFI drivers to version 2.2.14.22176 or later.
Please contact your OEM support group to obtain the correct driver version.
Chrome OS:
Intel® PROSet/Wireless WiFi drivers to mitigate this vulnerability will be up streamed to Chromium by November 08, 2022.
For any Google Chrome OS solution and schedule, please contact Google directly.
Linux OS:
Intel® PROSet/Wireless WiFi drivers to mitigate this vulnerability will be up streamed by November 08, 2022.
Consult the regular open-source channels to obtain this update.
Recommendation for Intel vPRO® CSME WiFi products:
Intel recommends updating Intel vPRO® CSME WiFi products to the following versions or newer.
| Platform | CSME Version | Device |
|---|---|---|
| 12th Generation Intel® Core Processor | 16.1.25.1885v2 |
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX210
12th Generation Intel® Core Processor – Performance cores |
16.1.25.1865v6.1
|
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX210
11th Generation Intel® Core Processor | 15.0.42.2235 |
Intel® Wi-Fi 6 AX210
Intel® Wi-Fi 6 AX201
Intel® Wi-Fi 6 AX200
10th Generation Intel® Core Processor | 14.1.67.2046 |
Intel® Wi-Fi 6E AX210
Intel® Wi-Fi 6 AX201
ntel® Wi-Fi 6 AX200
9th Generation Intel® Core Processor | 12.0.92.2145v3 | Intel® Wi-Fi 6 AX200
8th Generation Intel® Core Processor | 12.0.92.2145v3 | Intel® Wi-Fi 6 AX200
Intel recommends that users of Intel® vPRO® CSME WiFi products update to the latest version provided by the system manufacturer that addresses these issues.
Acknowledgements:
The following issue was found internally by an Intel employee. Intel would like to thank Julien Lenoir.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
Related
