Potential security vulnerabilities in some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software may allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities.
CVEID: CVE-2023-33875
Description: Improper access control for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via local access…
CVSS Base Score: 7.1 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2023-28374
Description: Improper input validation for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 6.1 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2023-28720
Description: Improper initialization for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access…
CVSS Base Score: 6.1 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2023-25951
Description: Improper input validation for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CVEID: CVE-2023-32642
Description: Insufficient adherence to expected conventions for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVEID: CVE-2023-34983
Description: Improper input validation for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVEID: CVE-2023-35061
Description: Improper initialization for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVEID: CVE-2023-32651
Description: Improper validation of specified type of input for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVEID: CVE-2023-32644
Description: Protection mechanism failure for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVEID: CVE-2023-26586
Description: Uncaught exception for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Intel® PROSet/Wireless Wi-Fi software before version 22.240. Intel® Killer™ Wi-Fi software before version3.1423.712
CVE ID | Affected Products | Affected OS |
---|---|---|
CVE-2023-33875 |
CVE-2023-28720
CVE-2023-32642
CVE-2023-32644
CVE-2023-34983 | Intel® Wi-Fi 6 AX200
Intel® Wi-Fi 6 AX201
Intel® Wi-Fi 6E AX210
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX411
Intel® Killer™ Wi-Fi 6 AX1650
Intel® Killer™ Wi-Fi 6E AX1675
Intel® Killer™ Wi-Fi 6E AX1690 | Windows 10 & 11
CVE-2023-35061 | Intel® Wi-Fi 6 AX200
Intel® Wi-Fi 6 AX201
Intel® Wi-Fi 6E AX210
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX411
Intel® Wireless-AC 9260
Intel® Wireless-AC 9560
Intel® Killer™ Wi-Fi 6 AX1650
Intel® Killer™ Wi-Fi 6E AX1675
Intel® Killer™ Wi-Fi 6E AX1690 | Windows 10 & 11
Linux
Chrome
CVE-2023-28374
CVE-2023-25951
CVE-2023-26586
CVE-2023-32651 | Intel® Wi-Fi 6E AX210
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX411
Intel® Killer™ Wi-Fi 6E AX1675
Intel® Killer™ Wi-Fi 6E AX1690 | Windows 10 & 11
Windows:
Intel recommends updating Intel® PROSet/Wireless Wi-Fi software to version 22.240 or later.
Updates are available for download at this location:
Intel recommends updating Intel® Killer™ Wi-Fi software to version 3.1423.712 or later.
Updates for Intel® Killer™ products are available for download at this location:
Chrome OS:
Intel® PROSet/Wireless Wi-Fi drivers to mitigate this vulnerability will be up streamed to Chromium by September 19, 2023.
For any Google Chrome OS solution and schedule, please contact Google directly.
Linux OS:
Intel® PROSet/Wireless Wi-Fi drivers to mitigate this vulnerability will be up streamed by November 11, 2023.
Consult the regular open-source channels to obtain this update.
These issues were found internally by Intel employees.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.