Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® PROSet/Wireless Wi-Fi, Intel® AMT Wireless and Killer™ Wi-Fi Software Advisory**

Intel ID:

INTEL-SA-00539

Advisory Category:

Firmware, Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

HIGH

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

Potential security vulnerabilities in some Intel® PROSet/Wireless Wi-Fi, Intel® Active Management Technology (Intel® AMT) Wireless and Killer™ Wi-Fi may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID:  CVE-2021-0162

Description: Improper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CVEID:  CVE-2021-0163

Description:  Improper Validation of Consistency within input in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CVEID:  CVE-2021-0161

Description: Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVEID:  CVE-2021-0164

Description: Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable  escalation of privilege via local access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

CVEID:  CVE-2021-0165

Description: Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID:  CVE-2021-0066

Description: Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.2 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVEID:  CVE-2021-0166

Description: Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.1 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N

CVEID:  CVE-2021-0167

Description: Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVEID:  CVE-2021-0169

Description: Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVEID:  CVE-2021-0168

Description: Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 5.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

CVEID:  CVE-2021-0170

Description: Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVEID:  CVE-2021-0171

Description: Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVEID:  CVE-2021-0172

Description: Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID:  CVE-2021-0173

Description: Improper Validation of Consistency within input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID:  CVE-2021-0174

Description:  Improper Use of Validation Framework in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID:  CVE-2021-0175

Description:  Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID:  CVE-2021-0076

Description:  Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable denial of service via local access.

CVSS Base Score: 5.1 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

CVEID:  CVE-2021-0176

Description: Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable denial of service via local access.

CVSS Base Score: 5.1 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

CVEID:  CVE-2021-0177

Description: Improper Validation of Consistency within input in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CVEID:  CVE-2021-0178

Description: Improper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CVEID:  CVE-2021-0179

Description: Improper Use of Validation Framework in software for Intel(R) PROSet/Wireless Wi-Fi and  Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CVEID:  CVE-2021-0183

Description:  Improper Validation of Specified Index, Position, or Offset in Input in software for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVEID:  CVE-2021-0072

Description: Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 & 11 may allow a privileged user to potentially enable information disclosure via local access.

CVSS Base Score: 4.1 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

**Affected Products:**

Intel® PROSet/Wireless Wi-Fi products:

*   Intel® Wi-Fi 6E AX210
*   Intel® Wi-Fi 6 AX201
*   Intel® Wi-Fi 6 AX200
*   Intel® Wireless-AC 9560
*   Intel® Wireless-AC 9462
*   Intel® Wireless-AC 9461
*   Intel® Wireless-AC 9260
*   Intel® Dual Band Wireless-AC 8265
*   Intel® Dual Band Wireless-AC 8260
*   Intel® Dual Band Wireless-AC 3168
*   Intel® Wireless 7265 (Rev D) Family
*   Intel® Dual Band Wireless-AC 3165

Intel® AMT Wireless products:

*   Intel® Wi-Fi 6 AX210
*   Intel® Wi-Fi 6 AX201
*   Intel® Wi-Fi 6 AX200
*   Intel® Wireless-AC 9560
*   Intel® Wireless-AC 9260
*   Intel® Dual Band Wireless-AC 8265
*   Intel® Dual Band Wireless-AC 8260

Killer™ Wi-Fi products:

*   Killer™ Wi-Fi 6E AX1675       
*   Killer™ Wi-Fi 6 AX1650
*   Killer™ Wireless-AC 1550

**Recommendations:**

**Windows:**

Intel recommends updating the Intel® PROSet/Wireless Wi-Fi software to version 22.60 or later.

Updates are available for download at these locations:

Intel® PROSet/Wireless Wi-Fi version 22.60 or later:

https://www.intel.com/content/www/us/en/download/19351/windows-10-and-windows-11-wi-fi-drivers-for-intel-wireless-adapters.html

Intel recommends updating the Killer™ Wi-Fi software to version 3.0 (Production version) or later.

Updates for Killer™ products are available for download at this location:

https://www.intel.com/content/www/us/en/download/19779/intel-killer-performance-suite.html

**UEFI:  
**Intel recommends updating the Wi-Fi drivers in UEFI to version 1.2.6 or later.  
Please contact your OEM support group to obtain the correct driver version.

**Chrome OS:**

Intel® PROSet/Wireless Wi-Fi drivers to mitigate these vulnerabilities are up streamed to Chromium.

For any Google Chrome OS solution and schedule, please contact Google directly.

**Linux OS:**

Intel® PROSet/Wireless Wi-Fi drivers to mitigate these vulnerabilities are up streamed to Linux.

Consult the regular Open Source channels to obtain this update.

**Recommendation for Intel® AMT Wireless products:**

Intel recommends updating Intel® AMT Wireless products to the following versions.

**Chipset/SoC**

**Mitigated Intel® AMT Version or higher**

**Device**

11th Generation Intel® Core Processor

15.0.35

Intel® Wi-Fi 6 AX210

Intel® Wi-Fi 6 AX201

Intel® Wi-Fi 6 AX200

10th Generation Intel® Core Processor

14.1.60

Intel® Wi-Fi 6 AX201  
Intel® Wi-Fi 6 AX200

9th Generation Intel® Core Processor

12.0.85

Intel® Wireless-AC 9260

Intel® Wireless-AC 9560

Intel® Wi-Fi 6 AX200

8th Generation Intel® Core Processor

12.0.85

Intel® Wireless-AC 9260

Intel® Wireless-AC 9560

Intel® Wi-Fi 6 AX200

7th Generation Intel® Core Processor

6th Generation Intel® Core Processor

11.8.90

Intel® Dual Band Wireless-AC 8265  
Intel® Dual Band Wireless-AC 8260

Intel recommends that users of Intel® vPRO® CSME WiFi products update to the latest version provided by the system manufacturer that addresses these issues.

**Acknowledgements:**

These issues were found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-0066: INTEL-SA-00539

Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2021.2 IPU - BIOS Advisory**

Intel ID:

INTEL-SA-00527

Advisory Category:

Firmware

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

HIGH

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

Potential security vulnerabilities in the BIOS firmware for some Intel® Processors may allow escalation of privilege, denial of service or information disclosure.  Intel is releasing firmware updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2021-0103

Description: Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-0114

Description: Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.9 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2021-0115

Description: Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.9 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2021-0116

Description: Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.9 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2021-0117

Description: Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.9 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2021-0118

Description: Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.9 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2021-0099

Description: Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.8 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-0156

Description: Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.5 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-0111

Description: NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2021-0107

Description: Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2021-0125

Description: Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L

CVEID: CVE-2021-0124

Description: Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 6.3 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

CVEID: CVE-2021-0119

Description: Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 5.8 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

CVEID: CVE-2021-0092

Description: Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.

CVSS Base Score: 4.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H

CVEID: CVE-2021-0091

Description: Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 3.2 Low

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CVEID: CVE-2021-0093

Description: Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.

CVSS Base Score: 2.4 Low

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

**Affected Products:**

*   2nd Generation Intel® Xeon® Scalable Processor Family
*   Intel® Xeon® Scalable Processor Family
*   Intel® Xeon® Processor W Family
*   Intel® Xeon® Processor E Family
*   Intel® Xeon® Processor D Family
*   11th Generation Intel® Core™ Processor Family
*   10th Generation Intel® Core™ Processor Family
*   9th Generation Intel® Core™ Processor Family
*   8th Generation Intel® Core™ Processor Family
*   7th Generation Intel® Core™ Processor Family
*   6th Generation Intel® Core™ processor Family
*   Intel® Core™ X-series Processor Family
*   Intel® Atom® Processor C3XXX Family.

**Recommendations:**

Intel recommends that users of listed Intel® Processors update to the latest versions provided by the system manufacturer that addresses these issues.

**Acknowledgements:**

Intel would like to thank Hugo Magalhaes from Oracle for reporting CVE-2021-0107, CVE-2021-0111, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, and CVE-2021-0144.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-0091: INTEL-SA-00527

Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2021.2 IPU - Intel® Processor Breakpoint Control Flow Advisory**

**Summary: **

A potential security vulnerability in some Intel® processors that may allow a denial of service.  Intel® is releasing firmware updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2021-0127

Description: Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access

CVSS Base Score: 5.6 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

**Affected Products:**

*   6th Generation Intel® Core™ Processors
*   7th Generation Intel® Core™ Processor Family
*   8th Generation Intel® Core™ Processor Family
*   9th Generation Intel® Core™ Processor Family
*   10th Generation Intel® Core™ Processor Family
*   Intel® Celeron® Processor G Series
*   Intel® Core™ X-series Processors
*   Intel® Pentium® Gold Processor Series
*   Intel® Xeon® Scalable Processors
*   2nd Generation Intel® Xeon® Scalable Processors
*   3rd Generation Intel® Xeon® Scalable Processors
*   Intel® Xeon® Processor W Family
*   Intel® Xeon® Processor E Family
*   Intel® Xeon® Processor E3 v6 Family
*   Intel® Xeon® Processor D Family
*   Intel ® Xeon® Platinum 81xxD
*   Intel® Xeon® Processor E3 v5 Family

**Recommendations:**

Intel recommends that users of the above listed Intel® Processors update to the latest firmware version provided by the system manufacturer that addresses this issue.

**Acknowledgements:**

This issue was found externally.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-0127: INTEL-SA-00532

Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® 82599 Ethernet Series Advisory**

**Summary: **

Potential security vulnerabilities in the Intel® 82599 Ethernet Series Controllers and Adapters may allow denial of service.  Intel is releasing software updates and prescriptive guidance to address these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2021-33096

Description: Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVEID: CVE-2021-33061

Description: Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 6.5 MEDIUM

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

**Affected Products:**

All Intel® 82599 Ethernet Series Controllers and associated Adapters.

**Recommendations:**

Intel recommends following the steps below to address these issues.

For CVE-2021-33096:

1.  Download the prescriptive guidance found in this Application Note.
2.  Consult the Direct-Assignment Networking Fault Isolation in a Data Center Environment Prescriptive Guidance Addressing INTEL-SA-00571 Application Note. 

For CVE-2021-33061:

Update Intel® 82599 Ethernet Series Controllers and associated Adapters Kernel-mode Driver versions to 5.13.4 or higher.

Updates are available for download at this location:

https://sourceforge.net/projects/e1000/files/ixgbe%20stable/5.13.4/

**Acknowledgements:**

Intel would like to thank Asaf Modelevsky (Amazon Web Services) for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33096: INTEL-SA-00571

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.

**Note#****Title****Priority****CVSS**3123396

\[CVE-2022-22536\] **Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher**                             Product \- SAP Web Dispatcher, Versions - 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86, 7.87  
Product \- SAP Content Server, Version - 7.53  
Product - SAP NetWeaver and ABAP Platform, Versions - KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49

Hot News103142773\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Commerce**  
Related CVEs \- CVE-2021-45046, CVE-2021-45105, CVE-2021-44832  
Product - SAP Commerce, Versions - 1905, 2005, 2105, 2011Hot News103130920**Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Data Intelligence 3 (on-premise)  
**Related CVEs - CVE-2021-44228, CVE-2021-45046, CVE-2021-45105  
Product - SAP Data Intelligence, Version - 3  
Hot News103139893\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Dynamic Authorization Management  
**Related CVEs - CVE-2021-44228, CVE-2021-45046  
Product - SAP Dynamic Authorization Management, Version - 9.1.0.0, 2021.03Hot News103132922**_Update to Security Note released in December 2021:  
_**\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in Internet of Things Edge Platform  
**Related CVEs -  CVE-2021-45105, CVE-2021-45046 , CVE-2021-44832  
Product - Internet of Things Edge Platform, Version - 4.0Hot News103133772**_Update to Security Note released in December 2021:_**  
\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Customer Checkout  
**Related CVEs - CVE-2021-45046, CVE-2021-45105  
Product - SAP Customer Checkout, Version - 2Hot News103131047**_Update to Security Note released in December 2021:_**  
\[CVE-2021-44228\] **Central Security Note for Remote Code Execution vulnerability associated with Apache Log4j 2 component**Hot News102622660_**Update to Security Note released on April 2018 Patch Day:**_  
**Security updates for the browser control Google Chromium delivered with SAP Business Client  
**Product – SAP Business Client, Version – 6.5Hot News103140940\[CVE-2022-22544\] **Missing segregation of duties in SAP Solution Manager Diagnostics Root Cause Analysis Tools**  
Product \- SAP Solution Manager (Diagnostics Root Cause Analysis Tools), Version - 720Hot News9.13112928_**Update to Security Note released on January 2022 Patch Day:**_  
\[CVE-2022-22531\] **Multiple vulnerabilities in F0743 Create Single Payment application of SAP S/4HANA**Additional CVE \- CVE-2022-22530Product \- SAP S/4HANA, Versions - 100, 101, 102, 103, 104, 105, 106High8.73123427

\[CVE-2022-22532\] **HTTP Request Smuggling in SAP NetWeaver Application Server Java  
**Product \- SAP NetWeaver Application Server Java, Versions - KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53

High8.13140587\[CVE-2022-22540\] **SQL Injection vulnerability in SAP NetWeaver AS ABAP (Workplace Server)  
**Product \- SAP NetWeaver AS ABAP (Workplace Server), Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787High7.13124994

\[CVE-2022-22534\] **Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver  
**Product \- SAP NetWeaver (ABAP and Java application Servers), Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756

Medium4.73126489

\[CVE-2022-22535\] **Missing Authorization check in SAP ERP HCM  
**Product \-  SAP ERP HCM (Portugal), Versions - 600, 604, 608

Medium6.53126748

\[CVE-2022-22546\] **XSS vulnerability in SAP Business Objects Web Intelligence (BI Launchpad)  
**Product \- SAP Business Objects Web Intelligence (BI Launchpad) , Version - 420

Medium5.43134684

\[Multiple CVEs\] **Improper Input Validation in SAP 3D Visual Enterprise Viewer  
**CVEs \- CVE-2022-22537, CVE-2022-22539, CVE-2022-22538  
Product \- SAP 3D Visual Enterprise Viewer , Version - 9.0

Medium4.33140564

\[CVE-2022-22528\] **Information Disclosure in SAP Adaptive Server Enterprise  
**Product \- SAP Adaptive Server Enterprise , Version - 16.0

Medium5.63142092

\[CVE-2022-22542\] **Information Disclosure vulnerability in SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)  
**Product \- SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)  , Versions - 104, 105, 106

Medium6.53116223

\[CVE-2022-22543\] **Denial of service (DOS) in SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel)  
**Product \-  SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) , Versions - KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49

Low3.7

CVE-2022-22533: SAP Security Patch Day - February 2022 - Product Security Response at SAP

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487.

**February 2022 Product Security Bulletin**

Published 2022-02-07

The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek Smartphone, Tablet, AIoT and Smart display chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least two months before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).

****Summary****

Severity

**CVEs**

High

CVE-2022-20024, CVE-2022-20025, CVE-2022-20026, CVE-2022-20027, CVE-2022-20028

Medium

CVE-2022-20029, CVE-2022-20030, CVE-2022-20031, CVE-2022-20032, CVE-2022-20033, CVE-2022-20017, CVE-2022-20034, CVE-2022-20035, CVE-2022-20036, CVE-2022-20037, CVE-2022-20038, CVE-2022-20039, CVE-2022-20040, CVE-2022-20041, CVE-2022-20042, CVE-2022-20043, CVE-2022-20044, CVE-2022-20045, CVE-2022-20046

****Details****

CVE

**CVE-2022-20024**

Title

Improper input validation in system service

Severity

High

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6739, MT6750, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20025**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-121 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20026**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-122 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20027**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-123 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20028**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-123 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20029**

Title

Out-of-bounds read in cmdq driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20030**

Title

Stack-based buffer overflow in vow driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-121 Stack-based Buffer Overflow

Description

In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20031**

Title

Use after free in fb driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In fb driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582\_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592\_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20032**

Title

Out-of-bounds read in vow driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In vow driver, there is a possible memory corruption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20033**

Title

Out-of-bounds read in camera driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In camera driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8362A, MT8365

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20017**

Title

Exposure of sensitive information to an unauthorized actor in ion driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6765, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20034**

Title

Improper authentication in Preloader XFLASH

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-287 Improper Authentication

Description

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6891, MT6893

Affected Software Versions

Android 11.0

CVE

**CVE-2022-20035**

Title

Use after free in vcu driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20036**

Title

Exposure of sensitive information to an unauthorized actor in ion driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20037**

Title

Exposure of sensitive information to an unauthorized actor in ion driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20038**

Title

Improper restriction of operations within the bounds of a memory buffer in ccu driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

In ccu driver, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8791, MT8797

Affected Software Versions

Android 11.0

CVE

**CVE-2022-20039**

Title

Integer overflow or wraparound in ccu driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-190 Integer Overflow or Wraparound

Description

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6873, MT6877, MT6883, MT6893, MT8791, MT8797

Affected Software Versions

Android 11.0

CVE

**CVE-2022-20040**

Title

Stack-based buffer overflow in power\_hal\_manager\_service

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-121 Stack-based Buffer Overflow

Description

In power\_hal\_manager\_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6755, MT6757, MT6761, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20041**

Title

Improper privilege management in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-269 Improper Privilege Management

Description

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20042**

Title

Exposure of sensitive information to an unauthorized actor in Bluetooth

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20043**

Title

Improper privilege management in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-269 Improper Privilege Management

Description

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20044**

Title

Use after free in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20045**

Title

Use after free in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20046**

Title

Missing release of memory after effective lifetime in Bluetooth

Severity

Medium

Vulnerability Type

DoS

CWE

CWE-401 Missing Release of Memory after Effective Lifetime

Description

In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

****Vulnerability Type Definition****

Abbreviation

**Definition**

RCE

Remote Code Execution

EoP

Elevation of Privilege

ID

Information Disclosure

DoS

Denial of Service

N/A

Classification not available

****Versions****

**Version**

**Date**

**Description**

1.0

February 7, 2022

Bulletin published.

****Notes****

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.

CVE-2022-20042: February 2022

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Trace Analyzer and Collector Advisory**

Intel ID:

INTEL-SA-00639

Advisory Category:

Software

Impact of vulnerability:

Denial of Service, Information Disclosure

Severity rating:

MEDIUM

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

Potential security vulnerabilities in the Intel® Trace Analyzer and Collector may allow denial of service or information disclosure.  Intel is releasing software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2022-21133

Description: Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 5.6 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21226

Description: Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21218

Description: Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 4.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21156

Description: Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 3.6 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L

**Affected Products:**

Intel® Trace Analyzer and Collector before version 2021.5.

**Recommendations:**

Intel recommends updating the Intel® Trace Analyzer and Collector to version 2021.5 or later.

Updates are available for download at this location: https://www.intel.com/content/www/us/en/develop/documentation/get-started-with-itac/top.html

**Acknowledgements:**

Intel would like to thank Star Labs for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-21133: INTEL-SA-00639

Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2021.2 IPU - Intel Atom® Processor Advisory**

Intel ID:

INTEL-SA-00589

Advisory Category:

Firmware

Impact of vulnerability:

Denial of Service, Information Disclosure

Severity rating:

LOW

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

A potential security vulnerability in some Intel Atom® Processors may allow information disclosure or denial of service.  Intel is releasing firmware updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2021-33120

Description:  Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.

CVSS Base Score: 3.6 Low

CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L

**Affected Products:**

A list of impacted products can be found here.

**Recommendations:**

Intel recommends that users of affected Intel® Processors update to the latest version firmware provided by the system manufacturer that addresses these issues. 

Intel has released microcode updates for the affected Intel® Processors that are currently supported on the public github repository. Please see details below on access to the microcode: 

Public Github: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files

**Acknowledgements:**

This issue was found internally by Intel employee. Intel would like to thank Brandon Miller for reporting the issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33120: INTEL-SA-00589

Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Wireless Bluetooth® and Killer™ Bluetooth® Advisory**

**Summary: **

Potential security vulnerabilities in some Intel® Wireless Bluetooth® and Killer™ Bluetooth® products may allow denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID:  CVE-2021-33139

Description: Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVEID:  CVE-2021-33155

Description: Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

**Affected Products:**

Intel® Wireless Bluetooth® and Killer™ Bluetooth® products with drivers before version 22.100:

*   Intel® Wi-Fi 6 AX211
*   Intel® Wi-Fi 6 AX210
*   Intel® Wi-Fi 6 AX201
*   Intel® Wi-Fi 6 AX200
*   Intel® Wireless-AC 9560
*   Intel® Wireless-AC 9462
*   Intel® Wireless-AC 9461
*   Intel® Wireless-AC 9260
*   Intel® Dual Band Wireless-AC 8265
*   Intel® Dual Band Wireless-AC 8260
*   Intel® Dual Band Wireless-AC 3168
*   Intel® Wireless 7265 (Rev D) Family
*   Intel® Dual Band Wireless-AC 3165
*   Killer™ Wi-Fi 6E AX1675       
*   Killer™ Wi-Fi 6 AX1650
*   Killer™ Wireless-AC 1550

**Recommendations:**

**Windows OS:**

Intel recommends updating the affected Intel® Wireless Bluetooth® and Killer™ Bluetooth® products to version 22.100 or later.

Windows 10 and Windows 11 updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/18649/intel-wireless-bluetooth-for-windows-10-and-windows-11.html

**Chrome OS:**

Updates to mitigate these vulnerabilities are up streamed to Chromium.

For any Google Chrome OS solution and schedule, please contact Google directly.

Killer™ Products are not applicable for Chrome OS.

**Linux OS:**

Updates to mitigate these vulnerabilities are up streamed to Linux.

Consult the regular opensource channels to obtain this update.

Killer™ Products are not applicable for Linux OS.

**Acknowledgements:**

Intel would like to thank Matheus Eduardo Garbelini and Sudipta Chattopadhyay from the Singapore University of Technology and Design for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33155: INTEL-SA-00604

Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® PROSet/Wireless WiFi and Killer™ WiFi Software Advisory**

Intel ID:

INTEL-SA-00582

Advisory Category:

Firmware, Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

HIGH

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

Potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Killer™ WiFi products may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID:  CVE-2021-33113

Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CVEID:  CVE-2021-33115

Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 6.8 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVEID:  CVE-2021-33114

Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 & 11 may allow an authenticated user to potentially enable denial of service  via adjacent access.

CVSS Base Score: 4.8 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

**Affected Products:**

Intel® PROSet/Wireless Wi-Fi products with Windows WiFi drivers before version 22.80, or UEFI WiFi drivers before version 1.2.8.21337:

*   Intel® Wi-Fi 6E AX210
*   Intel® Wi-Fi 6 AX201
*   Intel® Wi-Fi 6 AX200
*   Intel® Wireless-AC 9560
*   Intel® Wireless-AC 9462
*   Intel® Wireless-AC 9461
*   Intel® Wireless-AC 9260
*   Intel® Dual Band Wireless-AC 8265
*   Intel® Dual Band Wireless-AC 8260
*   Intel® Dual Band Wireless-AC 3168
*   Intel® Wireless 7265 (Rev D) Family
*   Intel® Dual Band Wireless-AC 3165

Killer™ Wi-Fi products with drivers before version 3.1021.733.0:

*   Killer™ Wi-Fi 6E AX1675       
*   Killer™ Wi-Fi 6 AX1650
*   Killer™ Wireless-AC 1550

**Recommendations:**

**Windows:**

Intel recommends updating Intel® PROSet/Wireless WiFi to version 22.80 or later.

Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/19351/windows-10-and-windows-11-wi-fi-drivers-for-intel-wireless-adapters.html

Intel recommends updating Killer™ WiFi to version 3.1021.733.0 or later.

https://www.intel.com/content/www/us/en/download/19779/intel-killer-performance-suite.html

**UEFI:**

Intel recommends updating UEFI WiFi drivers to version 1.2.8.21337 or later.

Please contact your OEM support group to obtain the correct driver version.

**Chrome OS:**

Intel® PROSet/Wireless WiFi drivers to mitigate these vulnerabilities are up streamed to Chromium.

For any Google Chrome OS solution and schedule, please contact Google directly.

**Linux OS:**

Intel® PROSet/Wireless WiFi drivers to mitigate these vulnerabilities are up streamed to Linux.

Consult the regular Open Source channels to obtain this update.

**Acknowledgements:  **

Intel would like to thank Hongjian Cao at Ant Security Frontage Lab for reporting CVE-2021-33114. The remaining issues were found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

Tag

#dos