CVE-2022-21181

Published: Aug 18, 2022Modified: May 5, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

Affected (7)

Products: Intel: Wireless Ac 9560 Firmware, Wireless Ac 9462 Firmware, Wireless Ac 9461 Firmware, Killer Ac 1550 Firmware, Dual Band Wireless Ac 8260 Firmware, Dual Band Wireless Ac 8265 Firmware, Wireless Ac 9260 Firmware

Intel

7 products

Wireless Ac 9560 Firmware

Wireless Ac 9462 Firmware

Wireless Ac 9461 Firmware

Killer Ac 1550 Firmware

Dual Band Wireless Ac 8260 Firmware

Dual Band Wireless Ac 8265 Firmware

Wireless Ac 9260 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Wireless Ac 9560 Firmware	Before 22.120

Running on/with	Platform Versions
Intel Wireless Ac 9560	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Wireless Ac 9462 Firmware	Before 22.120

Running on/with	Platform Versions
Intel Wireless Ac 9462	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Wireless Ac 9461 Firmware	Before 22.120

Running on/with	Platform Versions
Intel Wireless Ac 9461	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Killer Ac 1550 Firmware	Before 3.1122.1105

Running on/with	Platform Versions
Intel Killer Ac 1550	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Dual Band Wireless Ac 8260 Firmware	Before 22.120

Running on/with	Platform Versions
Intel Dual Band Wireless Ac 8260	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Dual Band Wireless Ac 8265 Firmware	Before 22.120

Running on/with	Platform Versions
Intel Dual Band Wireless Ac 8265	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Wireless Ac 9260 Firmware	Before 22.120

Running on/with	Platform Versions
Intel Wireless Ac 9260	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html

Source: secure@intel.com

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html

Source: secure@intel.com

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.