8.8
CVE-2022-21139
- EPSS 0.15%
- Veröffentlicht 18.08.2022 20:15:09
- Zuletzt bearbeitet 05.05.2025 17:17:39
- Quelle secure@intel.com
- CVE-Watchlists
- Unerledigt
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Wireless-ac 9560 Firmware Version < 22.120
Intel ≫ Wireless-ac 9462 Firmware Version < 22.120
Intel ≫ Wireless-ac 9461 Firmware Version < 22.120
Intel ≫ Wireless-ac 9260 Firmware Version < 22.120
Intel ≫ Proset Wi-fi 6e Ax210 Firmware Version < 22.120
Intel ≫ Wi-fi 6e Ax211 Firmware Version < 22.120
Intel ≫ Wi-fi 6 Ax200 Firmware Version < 22.120
Intel ≫ Wi-fi 6 Ax201 Firmware Version < 22.120
Intel ≫ Wi-fi 6e Ax411 Firmware Version < 22.120
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.047 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-326 Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html