TROYANOSYVIRUS
Back to CVEs

CVE-2021-0169

MEDIUM
6.7

Description

Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE Details

CVSS v3.1 Score6.7
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredHIGH
User InteractionNONE
Published2/9/2022
Last Modified5/5/2025
Sourcenvd
Honeypot Sightings0

Affected Products

intel:amt_ac_8260intel:amt_ac_8260_firmwareintel:amt_ac_8265intel:amt_ac_8265_firmwareintel:amt_ac_9260intel:amt_ac_9260_firmwareintel:amt_ac_9560intel:amt_ac_9560_firmwareintel:amt_wi-fi_6_ax200intel:amt_wi-fi_6_ax200_firmwareintel:amt_wi-fi_6_ax201intel:amt_wi-fi_6_ax201_firmwareintel:amt_wi-fi_6_ax210intel:amt_wi-fi_6_ax210_firmwareintel:killer_ac_1550intel:killer_ac_1550_firmwareintel:killer_wi-fi_6_ax1650intel:killer_wi-fi_6_ax1650_firmwareintel:killer_wi-fi_6e_ax1675intel:killer_wi-fi_6e_ax1675_firmwareintel:proset_ac_3165intel:proset_ac_3165_firmwareintel:proset_ac_3168intel:proset_ac_3168_firmwareintel:proset_ac_8260intel:proset_ac_8260_firmwareintel:proset_ac_8265intel:proset_ac_8265_firmwareintel:proset_ac_9260intel:proset_ac_9260_firmwareintel:proset_ac_9461intel:proset_ac_9461_firmwareintel:proset_ac_9462intel:proset_ac_9462_firmwareintel:proset_ac_9560intel:proset_ac_9560_firmwareintel:proset_wi-fi_6_ax200intel:proset_wi-fi_6_ax200_firmwareintel:proset_wi-fi_6_ax201intel:proset_wi-fi_6_ax201_firmwareintel:proset_wi-fi_6e_ax210intel:proset_wi-fi_6e_ax210_firmwareintel:proset_wireless_7265_\(rev_d\)intel:proset_wireless_7265_\(rev_d\)_firmware

Weaknesses (CWE)

CWE-427CWE-427

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html(secure@intel.com)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.