CVE-2021-0168
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
09/02/2022
Last modified:
05/05/2025
Description
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.
Impact
Base Score 3.x
6.70
Severity 3.x
MEDIUM
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:intel:amt_ac_8260_firmware:*:*:*:*:*:*:*:* | 11.8.90 (excluding) | |
| cpe:2.3:h:intel:amt_ac_8260:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:amt_ac_8265_firmware:*:*:*:*:*:*:*:* | 11.8.90 (excluding) | |
| cpe:2.3:h:intel:amt_ac_8265:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:amt_ac_9260_firmware:*:*:*:*:*:*:*:* | 12.0.85 (excluding) | |
| cpe:2.3:h:intel:amt_ac_9260:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:amt_ac_9560_firmware:*:*:*:*:*:*:*:* | 12.0.85 (excluding) | |
| cpe:2.3:h:intel:amt_ac_9560:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:* | 12.0.85 (excluding) | |
| cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:* | 14.0.0 (including) | 14.1.60 (excluding) |
| cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:* | 15.0.0 (including) | 15.0.35 (excluding) |
| cpe:2.3:h:intel:amt_wi-fi_6_ax200:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:amt_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:* | 14.0.0 (including) | 14.1.60 (excluding) |
| cpe:2.3:o:intel:amt_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:* | 15.0.0 (including) | 15.0.35 (excluding) |
| cpe:2.3:h:intel:amt_wi-fi_6_ax201:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page