CVE-2021-37409 — HIGH (7.8)

Q: What is CVE-2021-37409?

CVE-2021-37409 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

Q: How severe is CVE-2021-37409?

CVE-2021-37409 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-37409?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Wireless-Ac 9560 Firmware, Intel Wireless-Ac 9560, Intel Wireless-Ac 9462 Firmware, Intel Wireless-Ac 9462, Intel Wireless-Ac 9461 Firmware.

Vulnerability Description

Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Intel	Wireless-Ac 9560 Firmware	< 22.120
Intel	Wireless-Ac 9560	-
Intel	Wireless-Ac 9462 Firmware	< 22.120
Intel	Wireless-Ac 9462	-
Intel	Wireless-Ac 9461 Firmware	< 22.120
Intel	Wireless-Ac 9461	-
Intel	Killer Ac 1550 Firmware	< 3.1122.1105
Intel	Killer Ac 1550	-
Intel	Killer Wi-Fi 6 Ax1650 Firmware	< 3.1122.1105
Intel	Killer Wi-Fi 6 Ax1650	-
Intel	Killer Wi-Fi 6E Ax1690 Firmware	< 3.1122.1105
Intel	Killer Wi-Fi 6E Ax1690	-
Intel	Killer Wi-Fi 6E Ax1675 Firmware	< 3.1122.1105
Intel	Killer Wi-Fi 6E Ax1675	-
Intel	Wireless-Ac 9260 Firmware	< 22.120
Intel	Wireless-Ac 9260	-
Intel	Proset Wi-Fi 6E Ax210 Firmware	< 22.120
Intel	Proset Wi-Fi 6E Ax210	-
Intel	Wi-Fi 6E Ax211 Firmware	< 22.120
Intel	Wi-Fi 6E Ax211	-

Related Weaknesses (CWE)

CWE-863

References

FAQ

What is CVE-2021-37409?

CVE-2021-37409 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

How severe is CVE-2021-37409?

CVE-2021-37409 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-37409?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Wireless-Ac 9560 Firmware, Intel Wireless-Ac 9560, Intel Wireless-Ac 9462 Firmware, Intel Wireless-Ac 9462, Intel Wireless-Ac 9461 Firmware.