CVE-2021-0066

HIGH

Intel PROSet/Wireless and Killer Wi-Fi Firmware - Unauthenticated Privilege Escalation via Local Input Validation Flaw

Title source: llm

Description

Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

Scores

CVSS v3 8.4

EPSS 0.0011

EPSS Percentile 29.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-20

Status published

Products (22)

intel/amt_ac_8260_firmware < 11.8.90

intel/amt_ac_8265_firmware < 11.8.90

intel/amt_ac_9260_firmware < 12.0.85

intel/amt_ac_9560_firmware < 12.0.85

intel/amt_wi-fi_6_ax200_firmware < 12.0.85

intel/amt_wi-fi_6_ax201_firmware 14.0.0 - 14.1.60

intel/amt_wi-fi_6_ax210_firmware < 15.0.35

intel/killer_ac_1550_firmware < 3.0

intel/killer_wi-fi_6_ax1650_firmware < 3.0

intel/killer_wi-fi_6e_ax1675_firmware < 3.0

... and 12 more

Published Feb 09, 2022

Tracked Since Feb 18, 2026