Improper Input Validation in Intel Wireless Products
CVE-2022-26047

6.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Proset/wireless Wifi, Intel Vpro(r) Csme Wifi And Killer(tm) Wifi Products
Vendor: CVE Published:; 11 November 2022

What is CVE-2022-26047?

An improper input validation flaw exists in certain Intel wireless products, including Intel PROSet/Wireless WiFi, Intel vPro CSME WiFi, and Killer WiFi. This vulnerability could potentially allow an unauthenticated user to trigger a denial of service condition by gaining local access. Users of the affected products are advised to implement necessary mitigations as outlined in Intel's security advisory.

Affected Version(s)

Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2022
Vulnerability Reserved
Apr 5, 2022