CVE-2021-26257

MEDIUM

Intel Wi-Fi and Bluetooth Firmware < 22.120 - Authenticated Denial of Service via Buffer Overflow

Title source: llm

Description

Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access.

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 16.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-119

Status published

Products (18)

intel/dual_band_wireless-ac_3165_firmware < 22.120

intel/dual_band_wireless-ac_3168_firmware < 22.120

intel/dual_band_wireless-ac_8260_firmware < 22.120

intel/dual_band_wireless-ac_8265_firmware < 22.120

intel/killer_wi-fi_6_ax1650_firmware < 22.120

intel/killer_wi-fi_6e_ax1675_firmware < 22.120

intel/killer_wi-fi_6e_ax1690_firmware < 22.120

intel/killer_wireless-ac_1550_firmware < 22.120

intel/wi-fi_6_ax200_firmware < 22.120

intel/wi-fi_6_ax201_firmware < 22.120

... and 8 more

Published Aug 18, 2022

Tracked Since Feb 18, 2026