CVE-2021-0169 : Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi

Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.

Published 2022-02-09 23:15:14

Updated 2022-02-15 16:06:33

Source Intel Corporation

View at NVD, CVE.org

Products affected by CVE-2021-0169

Intel » Amt Ac 8260 Firmware
Versions before (<) 11.8.90
cpe:2.3:o:intel:amt_ac_8260_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Ac 8260 » Version: N/A
Intel » Amt Ac 8265 Firmware
Versions before (<) 11.8.90
cpe:2.3:o:intel:amt_ac_8265_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Ac 8265 » Version: N/A
Intel » Amt Ac 9260 Firmware
Versions before (<) 12.0.85
cpe:2.3:o:intel:amt_ac_9260_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Ac 9260 » Version: N/A
Intel » Amt Ac 9560 Firmware
Versions before (<) 12.0.85
cpe:2.3:o:intel:amt_ac_9560_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Ac 9560 » Version: N/A
Intel » Amt Wi-fi 6 Ax200 Firmware
Versions before (<) 12.0.85
cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Wi-fi 6 Ax200 » Version: N/A
Intel » Amt Wi-fi 6 Ax200 Firmware
Versions from including (>=) 15.0.0 and before (<) 15.0.35
cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Wi-fi 6 Ax200 » Version: N/A
Intel » Amt Wi-fi 6 Ax200 Firmware
Versions from including (>=) 14.0.0 and before (<) 14.1.60
cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Wi-fi 6 Ax200 » Version: N/A
Intel » Amt Wi-fi 6 Ax201 Firmware
Versions from including (>=) 15.0.0 and before (<) 15.0.35
cpe:2.3:o:intel:amt_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Wi-fi 6 Ax201 » Version: N/A
Intel » Amt Wi-fi 6 Ax201 Firmware
Versions from including (>=) 14.0.0 and before (<) 14.1.60
cpe:2.3:o:intel:amt_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Wi-fi 6 Ax201 » Version: N/A
Intel » Amt Wi-fi 6 Ax210 Firmware
Versions before (<) 15.0.35
cpe:2.3:o:intel:amt_wi-fi_6_ax210_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Amt Wi-fi 6 Ax210 » Version: N/A
Intel » Proset Ac 3165 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_3165_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 3165 » Version: N/A
Intel » Proset Ac 3168 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_3168_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 3168 » Version: N/A
Intel » Proset Ac 8260 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_8260_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 8260 » Version: N/A
Intel » Proset Ac 8265 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_8265_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 8265 » Version: N/A
Intel » Proset Ac 9260 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_9260_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 9260 » Version: N/A
Intel » Proset Ac 9461 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_9461_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 9461 » Version: N/A
Intel » Proset Ac 9462 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_9462_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 9462 » Version: N/A
Intel » Proset Ac 9560 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_ac_9560_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Ac 9560 » Version: N/A
Intel » Proset Wi-fi 6 Ax200 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Wi-fi 6 Ax200 » Version: N/A
Intel » Proset Wi-fi 6 Ax201 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Wi-fi 6 Ax201 » Version: N/A
Intel » Proset Wi-fi 6e Ax210 Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_wi-fi_6e_ax210_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Wi-fi 6e Ax210 » Version: N/A
Intel » Proset Wireless 7265 (rev D) Firmware
Versions before (<) 22.60
cpe:2.3:o:intel:proset_wireless_7265_\(rev_d\)_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Proset Wireless 7265 (rev D) » Version: N/A
Intel » Killer Ac 1550 Firmware
Versions before (<) 3.0
cpe:2.3:o:intel:killer_ac_1550_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Killer Ac 1550 » Version: N/A
Intel » Killer Wi-fi 6 Ax1650 Firmware
Versions before (<) 3.0
cpe:2.3:o:intel:killer_wi-fi_6_ax1650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Killer Wi-fi 6 Ax1650 » Version: N/A
Intel » Killer Wi-fi 6e Ax1675 Firmware
Versions before (<) 3.0
cpe:2.3:o:intel:killer_wi-fi_6e_ax1675_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Killer Wi-fi 6e Ax1675 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-0169

EPSS FAQ

0.17%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 35 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-0169

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-0169

CWE-427 Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-0169

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html

INTEL-SA-00539
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-0169

Products affected by CVE-2021-0169

Exploit prediction scoring system (EPSS) score for CVE-2021-0169

CVSS scores for CVE-2021-0169

CWE ids for CVE-2021-0169

References for CVE-2021-0169