CVE-2021-26257

Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access.

Published: Aug 18, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-26257
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
intel / wi-fi_6_ax411_firmware	-	22.120
intel / wi-fi_6_ax211_firmware	-	22.120
intel / wi-fi_6_ax210_firmware	-	22.120
intel / wi-fi_6_ax201_firmware	-	22.120
intel / wi-fi_6_ax200_firmware	-	22.120
intel / wireless-ac_9560_firmware	-	22.120
intel / wireless-ac_9462_firmware	-	22.120
intel / wireless-ac_9461_firmware	-	22.120
intel / wireless-ac_9260_firmware	-	22.120
intel / dual_band_wireless-ac_8265_firmware	-	22.120
intel / dual_band_wireless-ac_8260_firmware	-	22.120
intel / dual_band_wireless-ac_3168_firmware	-	22.120
intel / wireless_7265_firmware	-	22.120
intel / dual_band_wireless-ac_3165_firmware	-	22.120
intel / killer_wi-fi_6e_ax1690_firmware	-	22.120
intel / killer_wi-fi_6e_ax1675_firmware	-	22.120
intel / killer_wi-fi_6_ax1650_firmware	-	22.120
intel / killer_wireless-ac_1550_firmware	-	22.120

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html

Vulnerability Database

289,697

CVE-2021-26257