7.8

CVE-2021-37409

Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IntelWireless-ac 9560 Firmware Version < 22.120
   IntelWireless-ac 9560 Version-
IntelWireless-ac 9462 Firmware Version < 22.120
   IntelWireless-ac 9462 Version-
IntelWireless-ac 9461 Firmware Version < 22.120
   IntelWireless-ac 9461 Version-
IntelKiller Ac 1550 Firmware Version < 3.1122.1105
   IntelKiller Ac 1550 Version-
IntelKiller Wi-fi 6 Ax1650 Firmware Version < 3.1122.1105
   IntelKiller Wi-fi 6 Ax1650 Version-
IntelKiller Wi-fi 6e Ax1690 Firmware Version < 3.1122.1105
   IntelKiller Wi-fi 6e Ax1690 Version-
IntelKiller Wi-fi 6e Ax1675 Firmware Version < 3.1122.1105
   IntelKiller Wi-fi 6e Ax1675 Version-
IntelWireless-ac 9260 Firmware Version < 22.120
   IntelWireless-ac 9260 Version-
IntelProset Wi-fi 6e Ax210 Firmware Version < 22.120
   IntelProset Wi-fi 6e Ax210 Version-
IntelWi-fi 6e Ax211 Firmware Version < 22.120
   IntelWi-fi 6e Ax211 Version-
IntelWi-fi 6 Ax200 Firmware Version < 22.120
   IntelWi-fi 6 Ax200 Version-
IntelWi-fi 6 Ax201 Firmware Version < 22.120
   IntelWi-fi 6 Ax201 Version-
IntelWi-fi 6e Ax411 Firmware Version < 22.120
   IntelWi-fi 6e Ax411 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.206
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.