Vulnerability Description
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Wireless-Ac 9560 Firmware | < 22.120 |
| Intel | Wireless-Ac 9560 | - |
| Intel | Wireless-Ac 9462 Firmware | < 22.120 |
| Intel | Wireless-Ac 9462 | - |
| Intel | Wireless-Ac 9461 Firmware | < 22.120 |
| Intel | Wireless-Ac 9461 | - |
| Intel | Wireless-Ac 9260 Firmware | < 22.120 |
| Intel | Wireless-Ac 9260 | - |
| Intel | Proset Wi-Fi 6E Ax210 Firmware | < 22.120 |
| Intel | Proset Wi-Fi 6E Ax210 | - |
| Intel | Wi-Fi 6E Ax211 Firmware | < 22.120 |
| Intel | Wi-Fi 6E Ax211 | - |
| Intel | Wi-Fi 6 Ax200 Firmware | < 22.120 |
| Intel | Wi-Fi 6 Ax200 | - |
| Intel | Wi-Fi 6 Ax201 Firmware | < 22.120 |
| Intel | Wi-Fi 6 Ax201 | - |
| Intel | Wi-Fi 6E Ax411 Firmware | < 22.120 |
| Intel | Wi-Fi 6E Ax411 | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.PatchVendor Advisory
FAQ
What is CVE-2022-21139?
CVE-2022-21139 is a vulnerability with a CVSS score of 8.8 (HIGH). Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
How severe is CVE-2022-21139?
CVE-2022-21139 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-21139?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Wireless-Ac 9560 Firmware, Intel Wireless-Ac 9560, Intel Wireless-Ac 9462 Firmware, Intel Wireless-Ac 9462, Intel Wireless-Ac 9461 Firmware.