CVE-2020-12314

EPSS 0.09%
Veröffentlicht 12.11.2020 18:15:14
Zuletzt bearbeitet 21.11.2024 04:59:30
Quelle secure@intel.com
CVE-Watchlists
Login
Unerledigt
Login

Improper input validation in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Intel ≫ Proset/wireless Wifi Version < 21.110

   Intel ≫ Dual Band Wireless-ac 3165 Version-
   Intel ≫ Dual Band Wireless-ac 3168 Version-
   Intel ≫ Dual Band Wireless-ac 8260 Version-
   Intel ≫ Dual Band Wireless-ac 8265 Version-
   Intel ≫ Wi-fi 6 Ax200 Version-
   Intel ≫ Wi-fi 6 Ax201 Version-
   Intel ≫ Wireless-ac 9260 Version-
   Intel ≫ Wireless-ac 9461 Version-
   Intel ≫ Wireless-ac 9462 Version-
   Intel ≫ Wireless-ac 9560 Version-
   Intel ≫ Wireless 7265 (rev D) Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.234

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-12314

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-12314

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-12314

EUVD