Improper Input Validation in Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi
CVE-2021-0168
6.7MEDIUM
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 9 February 2022
Summary
The vulnerability arises from improper input validation in the firmware associated with Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi devices running on Windows 10 and 11. This flaw could allow a privileged user to exploit the vulnerability locally, potentially leading to unauthorized escalation of privileges within the affected systems. Users are advised to apply necessary updates and monitor for any mitigation advisories from Intel.
Affected Version(s)
Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 See references
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved