31 matches found
CVE-2020-24587
CVE-2020-24587 is referenced in the Amazon Linux 2 kernel advisory for Kernel-5.10-2022-002. The connected document confirms a flaw in the Linux kernel 802.11 wifi fragmentation handling where fragments encrypted under different keys can be reassembled and decrypted, enabling an attacker within w...
CVE-2020-24588
The CVE-2020-24588 entry relates to the 802.11 Wi‑Fi fragmentation/ A‑MSDU handling issue where the plaintext QoS header flag isn’t authenticated, enabling an attacker to inject packets by sending non‑SSP A‑MSDU frames (FragAttacks). Connected Astra Linux advisories describe this as a variant of ...
CVE-2020-26558
CVE-2020-26558: Bluetooth Core 2.1–5.2 Passkey entry/mitm reflection vulnerability. Nearby attacker could identify the Passkey during pairing by reflecting public key and authentication evidence, enabling completion of authenticated pairing with the correct Passkey. Astra Linux bulletin repeats t...
CVE-2020-24586
CVE-2020-24586 describes a fragmentation cache issue in the Linux kernel Wi‑Fi stack: received fragments are not cleared from memory on reconnect, enabling an attacker within Wi‑Fi range to inject arbitrary packets or exfiltrate data when fragments encrypted with WEP/CCMP/GCMP are involved. Conne...
CVE-2020-26139
CVE-2020-26139 affects NetBSD 7.1 kernel as described in connected documents. An Access Point forwards EAPOL frames to other clients before the sender has successfully authenticated, which may enable denial-of-service attacks against connected clients in Wi‑Fi networks and could facilitate exploi...
CVE-2020-0569
CVE-2020-0569 : Intel® PROSet/Wireless WiFi software for Windows 10 is affected by an out-of-bounds write vulnerability that could allow an authenticated local user to cause a denial of service via adjacent access. Intel’s advisory lists affected products including Intel® Wi-Fi 6 AX201/AX200, Wir...
CVE-2020-26140
The CVE-2020-26140 entry is covered in ARISTA Security Advisory 0063, which groups it under the FragAttacks fragmentation/aggregation vulnerabilities. The advisory states that plaintext data frames are accepted on encrypted networks, enabling packet injection. Fixes are provided as platform-speci...
CVE-2020-26555
Technical details beyond the initial description are not publicly provided in the connected documents. CVE-2020-26555 relates to Bluetooth BR/EDR PIN pairing impersonation as described; monitor for vendor/advisory updates for fixes and impact.
CVE-2021-33139
Technical details about CVE-2021-33139 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.
CVE-2021-33155
CVE-2021-33155 affects Intel Wireless/Bluetooth and Killer Bluetooth firmware prior to 22.100. It arises from improper input validation and may allow an authenticated user to cause a denial of service via adjacent access. Remediation is to upgrade to firmware version 22.100 or newer (per the prov...
CVE-2021-33110
CVE-2021-33110 involves improper input validation in Intel® Wireless Bluetooth® products and Killer™ Bluetooth® products on Windows 10/11 before version 22.80, potentially allowing an unauthenticated user to cause denial of service via adjacent access. The advisory Intel-SA-00581 lists affected I...
CVE-2021-33114
CVE-2021-33114 concerns improper input validation in Intel PROSet/Wireless WiFi and Killer WiFi software, potentially allowing an authenticated user to cause a denial of service via adjacent access. The connected Intel advisory (INTEL-SA-00582) specifies affected products and provides mitigations...
CVE-2021-33113
The CVE-2021-33113 entry involves Intel PROSet/Wireless WiFi and Killer WiFi software. Affected components are Intel PROSet/Wireless WiFi and Killer WiFi drivers on Windows 10/11 and related environments, where improper input validation can allow an unauthenticated user to cause denial of service...
CVE-2021-0071
CVE-2021-0071: Improper input validation in firmware for Intel PROSet/Wireless WiFi in UEFI can allow an unauthenticated user to escalate privileges via adjacent access. Root cause is input validation issues in the firmware. Impact per CVE and CVSS: potential privilege escalation; CVSSv3.1 base s...
CVE-2021-0105
CVE-2021-0105 affects Intel ProSet/Wireless WiFi drivers where insecure inherited permissions in the driver stack may allow an authenticated user to disclose information or cause DoS via adjacent access. Red Hat/Intel advisories align with an Intel advisory and enumerate affected products (e.g., ...
CVE-2019-14620
CVE-2019-14620 involves insufficient control flow management in Intel Wireless Bluetooth products, potentially allowing an unprivileged actor to cause a denial of service via adjacent access. The connected Intel advisory (INTEL-SA-00337) confirms the flaw, lists affected Intel Wireless Bluetooth ...
CVE-2020-0554
Intel’s advisory (CVE-2020-0554) describes a race condition in the software installer for certain Intel Wireless Bluetooth products on Windows 7/8.1/10 that may allow an unprivileged user to escalate privileges locally. Affected products include multiple Intel Wireless Bluetooth adapters (e.g., W...
CVE-2020-0555
CVE-2020-0555 concerns improper input validation in Intel® Wireless Bluetooth® products that could allow an authenticated local user to escalate privileges. Connected sources confirm this affects Intel Wireless Bluetooth drivers across multiple Intel Wi‑Fi/Bluetooth platforms and list concrete re...
CVE-2020-0559
Intel PROSet/Wireless WiFi software for Windows 7/8.1 contains insecure inherited permissions that may allow an authenticated, local attacker to escalate privileges. The issue affects multiple Intel wireless adapters (e.g., AX200/AX201, Wireless-AC 9560/9462/9461/9260, 8265/8260/3168/7265, 3165, ...
CVE-2021-0063
Summary: CVE-2021-0063 is an input validation vulnerability in firmware for Intel® PROSet/Wireless WiFi and Killer™ WiFi on Windows 10 that could allow an unauthenticated user to cause a denial of service via adjacent access. Impact details (as documented): The issue affects firmware/software for...
CVE-2020-0553
CVE-2020-0553 describes an out-of-bounds read in the kernel-mode driver for certain Intel® Wireless Bluetooth® products on Windows 10, enabling a local-Privilege escalation information disclosure under some conditions. The Intel advisory (intel-sa-00337) details affected Intel Wireless Bluetooth ...
CVE-2021-0065
CVE-2021-0065 concerns Intel PROSet/Wireless WiFi (and Killer WiFi) software installer on Windows 10 prior to 22.40, where an authenticated user may potentially enable privilege escalation via local access. Intel’s advisory Intel-SA-00509 and related Red Hat/NVD entries confirm this issue and pro...
CVE-2021-0082
Summary of CVE-2021-0082 : The issue affects Intel® PROSet/Wireless WiFi and Killer™ WiFi software on Windows 10. It is described as an Uncontrolled search path in the software installer , which may allow an authenticated user to potentially escalate privileges via local access. The Red Hat/Intel...
CVE-2021-0069
CVE-2021-0069 concerns improper input validation in firmware for Intel PROSet/Wireless WiFi and some Killer WiFi in Windows 10, allowing an unauthenticated user to potentially cause denial of service via adjacent access. Affected products include various Intel PROSet/Wireless WiFi adapters and Ki...
CVE-2021-0079
CVE-2021-0079 affects Intel PROSet/Wireless WiFi and Killer WiFi software on Windows 10. The issue is improper input validation in software/firmware that may allow an unauthenticated user to cause a denial of service via adjacent access. Red Hat and NVD references corroborate the vulnerability; I...
CVE-2021-0075
CVE-2021-0075 corresponds to an out-of-bounds write in firmware for Intel PROSet/Wireless WiFi and certain Killer WiFi on Windows 10. The issue could allow a privileged local user to cause denial of service. Affected products include Intel PROSet/WiFi adapters (e.g., certain Intel Wi‑Fi and Wirel...
CVE-2021-0151
The CVE-2021-0151 entry describes an impairment of access control in the installer for Intel Wireless Bluetooth and Killer Bluetooth products on Windows 10, enabling a locally authenticated user to potentially escalate privileges. Affected products (Intel Wireless Bluetooth and Killer Bluetooth) ...
CVE-2021-0053
CVE-2021-0053 affects Intel® PROSet/Wireless WiFi and Killer™ WiFi on Windows 10 due to an "improper initialization" in firmware. The Red Hat and Intel advisories confirm that this may allow an authenticated user to disclose information via adjacent access. The vulnerability’s root cause is in fi...
CVE-2021-0064
CVE-2021-0064 affects Intel PROSet/Wireless WiFi installer for Windows 10 prior to 22.40 (and Killer WiFi software as listed). The underlying issue is insecure inherited permissions in the installer, enabling an authenticated local user to escalate privileges. Affected Intel PROSet/Wireless WiFi ...
CVE-2021-0152
CVE-2021-0152 affects Intel® Wireless Bluetooth® and Killer™ Bluetooth® installer on Windows 10. The Red Hat/NVD entries and Intel advisory confirm the root cause: improper verification of the cryptographic signature in the installer, enabling a local, authenticated user to potentially cause a de...
CVE-2021-0078
CVE-2021-0078 involves improper input validation in software for Intel® PROSet/Wireless WiFi and Killer™ WiFi on Windows 10. The Red Hat and Intel advisories corroborate that an unauthenticated user could potentially cause denial of service or information disclosure via adjacent access. The vulne...