8.8

CVE-2022-21139

Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IntelWireless-ac 9560 Firmware Version < 22.120
   IntelWireless-ac 9560 Version-
IntelWireless-ac 9462 Firmware Version < 22.120
   IntelWireless-ac 9462 Version-
IntelWireless-ac 9461 Firmware Version < 22.120
   IntelWireless-ac 9461 Version-
IntelWireless-ac 9260 Firmware Version < 22.120
   IntelWireless-ac 9260 Version-
IntelProset Wi-fi 6e Ax210 Firmware Version < 22.120
   IntelProset Wi-fi 6e Ax210 Version-
IntelWi-fi 6e Ax211 Firmware Version < 22.120
   IntelWi-fi 6e Ax211 Version-
IntelWi-fi 6 Ax200 Firmware Version < 22.120
   IntelWi-fi 6 Ax200 Version-
IntelWi-fi 6 Ax201 Firmware Version < 22.120
   IntelWi-fi 6 Ax201 Version-
IntelWi-fi 6e Ax411 Firmware Version < 22.120
   IntelWi-fi 6e Ax411 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.047
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 2.8 5.9
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
Patch
Vendor Advisory