CVE-2020-12321 — HIGH (8.8)

Q: What is CVE-2020-12321?

CVE-2020-12321 is a vulnerability with a CVSS score of 8.8 (HIGH). Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Q: How severe is CVE-2020-12321?

CVE-2020-12321 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-12321?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Dual Band Wireless-Ac 3168 Firmware, Intel Dual Band Wireless-Ac 3168, Intel Dual Band Wireless-Ac 8260 Firmware, Intel Dual Band Wireless-Ac 8260, Intel Dual Band Wireless-Ac 8265 Firmware.

Vulnerability Description

Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Intel	Dual Band Wireless-Ac 3168 Firmware	< 21.110
Intel	Dual Band Wireless-Ac 3168	-
Intel	Dual Band Wireless-Ac 8260 Firmware	< 21.110
Intel	Dual Band Wireless-Ac 8260	-
Intel	Dual Band Wireless-Ac 8265 Firmware	< 21.110
Intel	Dual Band Wireless-Ac 8265	-
Intel	Wi-Fi 6 Ax200 Firmware	< 21.110
Intel	Wi-Fi 6 Ax200	-
Intel	Wi-Fi 6 Ax201 Firmware	< 21.110
Intel	Wi-Fi 6 Ax201	-
Intel	Wireless-Ac 9260 Firmware	< 21.110
Intel	Wireless-Ac 9260	-
Intel	Wireless-Ac 9461 Firmware	< 21.110
Intel	Wireless-Ac 9461	-
Intel	Wireless-Ac 9462 Firmware	< 21.110
Intel	Wireless-Ac 9462	-
Intel	Wireless-Ac 9560 Firmware	< 21.110
Intel	Wireless-Ac 9560	-
Intel	Wireless 7265 \(Rev D\) Firmware	< 21.110
Intel	Wireless 7265 \(Rev D\)	-

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403PatchVendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403PatchVendor Advisory

FAQ

What is CVE-2020-12321?

CVE-2020-12321 is a vulnerability with a CVSS score of 8.8 (HIGH). Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

How severe is CVE-2020-12321?

CVE-2020-12321 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-12321?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Dual Band Wireless-Ac 3168 Firmware, Intel Dual Band Wireless-Ac 3168, Intel Dual Band Wireless-Ac 8260 Firmware, Intel Dual Band Wireless-Ac 8260, Intel Dual Band Wireless-Ac 8265 Firmware.