CVE-2021-33847

moderate-risk

Published 2022-08-18

Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access.

Do I need to act?

0.06% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (18)

Wi-Fi 6 Ax411 Firmware

Wi-Fi 6 Ax211 Firmware

Wi-Fi 6 Ax210 Firmware

Wi-Fi 6 Ax201 Firmware

Wi-Fi 6 Ax200 Firmware

Wireless-Ac 9560 Firmware

Wireless-Ac 9462 Firmware

Wireless-Ac 9461 Firmware

Wireless-Ac 9260 Firmware

Dual Band Wireless-Ac 8265 Firmware

Dual Band Wireless-Ac 8260 Firmware

Dual Band Wireless-Ac 3168 Firmware

Wireless 7265 Firmware

Dual Band Wireless-Ac 3165 Firmware

Killer Wi-Fi 6E Ax1690 Firmware

Killer Wi-Fi 6E Ax1675 Firmware

Killer Wi-Fi 6 Ax1650 Firmware

Killer Wireless-Ac 1550 Firmware

Affected Vendors

Intel

References (2)

Patch https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628....

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 19/34 · Moderate