-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3967
              Intel PROSet/Wireless WiFi Software Advisory
                              11 November 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel PROSet/Wireless WiFi products
Publisher:         Intel
Operating System:  Windows
                   Linux variants
Impact/Access:     Increased Privileges -- Remote/Unauthenticated
                   Denial of Service    -- Remote/Unauthenticated
                   Reduced Security     -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-12319 CVE-2020-12318 CVE-2020-12317
                   CVE-2020-12314 CVE-2020-12313 CVE-2017-13080

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                INTEL-SA-00402
Advisory Category:       Firmware, Software
Impact of vulnerability: Escalation of Privilege, Denial of Service
Severity rating:         HIGH
Original release:        11/10/2020
Last revised:            11/10/2020

Summary:

Potential security vulnerabilities in some Intel PROSet/Wireless WiFi products
may allow escalation of privilege or denial of service. Intel is releasing
software updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2020-12313

Description: Insufficient control flow management in some Intel(R)
PROSet/Wireless WiFi products before version 21.110 may allow an
unauthenticated user to potentially enable escalation of privilege via
adjacent access.

CVSS Base Score: 8.3 High
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2020-12314

Description: Improper input validation in some Intel(R) PROSet/Wireless WiFi
products before version 21.110 may allow an unauthenticated user to
potentially enable denial of service via adjacent access.
CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H

CVEID: CVE-2020-12318

Description: Protection mechanism failure in some Intel(R) PROSet/Wireless
WiFi products before version 21.110 may allow an authenticated user to
potentially enable escalation of privilege via local access.

CVSS Base Score: 7.8 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2020-12317

Description: Improper buffer restriction in some Intel(R) PROSet/Wireless WiFi
products before version 21.110 may allow an unauthenticated user to
potentially enable denial of service via adjacent access.

CVSS Base Score: 7.1 High
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CVEID: CVE-2020-12319

Description: Insufficient control flow management in some Intel(R)
PROSet/Wireless WiFi products before version 21.110 may allow an
unauthenticated user to potentially enable denial of service via adjacent
access.

CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID (Non-Intel issued): CVE-2017-13080

Description: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of
the Group Temporal Key (GTK) during the group key handshake, allowing an
attacker within radio range to replay frames from access points to clients.

CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

Intel PROSet/Wireless products:

  Intel Wi-Fi 6 AX201
  Intel Wi-Fi 6 AX200
  Intel Wireless-AC 9560
  Intel Wireless-AC 9462
  Intel Wireless-AC 9461
  Intel Wireless-AC 9260
  Intel Dual Band Wireless-AC 8265
  Intel Dual Band Wireless-AC 8260
  Intel Dual Band Wireless-AC 3168
  Intel Wireless 7265 (Rev D) Family
  Intel Dual Band Wireless-AC 3165

Recommendations:

Windows* OS:

All CVEs are applicable to Windows 10.
Updates are available for download at this location:
https://www.intel.com/content/www/us/en/support.html

Customers can also download the latest available software from the Intel
Customer Support site.

Chrome OS:

Only CVE-2020-12313, CVE-2020-12317, CVE-2020-12319 and CVE-2017-13080 are
applicable to the Chrome OS. Intel PROSet/Wireless drivers to mitigate these
vulnerabilities will be upstreamed to Chromium by November 10th, 2020. For any
Google Chrome OS solution and schedule, please contact Google directly.

Linux OS:

Only CVE-2020-12313, CVE-2020-12317, CVE-2020-12319 and CVE-2017-13080 are
applicable to the Linux OS. Intel PROSet/Wireless drivers to mitigate these
vulnerabilities will be upstreamed by November 10th, 2020. Consult the regular
Open Source channels to obtain this update.

Acknowledgements:

Intel would like to thank Mathy Vanhoef of the imec-DistriNet group at KU
Leuven for CVE-2017-13080. All other issues were found internally by Intel
employee Igor Metrik.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision   Date         Description
1.0        11/10/2020   Initial Release

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you do
not know who that is, please send an email to auscert@auscert.org.au and we
will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.
The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may arise
from following or acting on information or advice contained in this security
bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX6tRKONLKJtyKPYoAQjONA/+Mz7uIowXr2GuYBURX027qQKiO4OrLZUV
j/PVRMacqk6Vwcqa6FjkjMb+lhVcNzMT2Xb2ckzTdJdBVDTFdo29OvNFhLr6zQ2L
cVoWL0rLNsEj+ng387hD5J1I49KOV69YZzSfYF+Bad6ETj9qL11vJxMQztJkuUSy
PuyfLE0D4JVQtXhu6nbufTLslCKoI63YvlXzPTDWo1hVv+4SPqR9IC+m/MYwPs7k
19ME7aA9Bs3EH4Zlte2YN/Uk4W4lrDQFgBe2f3ebdkXXq79IsIbMIRVp/DHVnKu7
sIIBckrZM5ErrAZuOGMh/xdswzcXVfq+Sp2GaGfWcUjJjwTToCoJZbnaac4zAGTN
BYJIKEM7EUKHPBDlcYIx2O/ysfAuvq0A8kNUh8cRRbaLzA5PLr8LO50AYhlfjpzW
GieHoTxKt6gW2rChXN+IFbJJP30D8c7l4GClY0arxSX9NifG5sp0/IdAnK4wTkzE
NkxmyegdiWnt3vbazyYk8eNe0LJdKWbQxvnUIsA3sv2tKl3MKoJkeQyd0yIYdC4X
WnT2grnGdHBZYN/ZsWOCUyEezbPW70Bl5kvH440CmWAOoiGompz5KK+39ttlAbUJ
J/6QC2aVTT/JOAVScefPtiLaqYq0D95zyI/3rccedhLjMVx/hVJRxn7YEjDrzqAI
z04ImPQv2Fg=
=/qsL
-----END PGP SIGNATURE-----
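Intel scopes every CVE above to PROSet/Wireless WiFi software "before version 21.110", so the practical check on a fleet is a version comparison. The block below is an added example, not code from Intel or AusCERT: it parses dotted version strings into integer tuples and flags installs older than the fixed release, avoiding the common mistake of comparing versions as text (as strings, "21.90" sorts after "21.110", although 21.90 is the older build). The inventory, hostnames and adapter names are constructed for the example; it also assumes that the driver version reported on the endpoint follows the same 21.x numbering as the PROSet/Wireless package version that Intel cites.

```python
"""Flag Intel PROSet/Wireless installs older than the fixed version 21.110."""
import re

FIXED_VERSION = "21.110"   # INTEL-SA-00402: affected are "before version 21.110"


def parse_version(s: str) -> tuple:
    """Turn '21.90.3.1' into (21, 90, 3, 1) so components compare numerically.
    Plain string comparison gets this wrong: '21.90' > '21.110' as text."""
    s = s.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", s):
        raise ValueError(f"unparseable version string: {s!r}")
    return tuple(int(part) for part in s.split("."))


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version sorts before the fixed version.
    Only as many components as the fixed version has are compared, so
    21.110.0.5 and 21.110.2.1 both count as fixed; a short string such
    as '21' is padded with zeros before comparing."""
    inst = parse_version(installed)
    fix = parse_version(fixed)
    n = len(fix)
    inst_prefix = inst[:n] + (0,) * (n - len(inst))
    return inst_prefix < fix


# Constructed sample inventory (hostname, adapter, driver version); not real data.
INVENTORY = [
    ("lap-001", "Intel(R) Wi-Fi 6 AX201 160MHz", "21.90.3.1"),
    ("lap-002", "Intel(R) Wi-Fi 6 AX200 160MHz", "21.110.2.1"),
    ("lap-003", "Intel(R) Dual Band Wireless-AC 8265", "20.70.18.2"),
    ("lap-004", "Intel(R) Wireless-AC 9560 160MHz", "22.10.0.7"),
    ("lap-005", "Intel(R) Wireless-AC 9260 160MHz", "21.110.0.5"),
]


def vulnerable_hosts(inventory=INVENTORY) -> list:
    """Return, sorted, the hostnames whose driver version predates the fix."""
    return sorted(host for host, _adapter, ver in inventory if is_vulnerable(ver))


if __name__ == "__main__":
    for host, adapter, ver in INVENTORY:
        state = "UPDATE" if is_vulnerable(ver) else "ok"
        print(f"{host:8} {adapter:40} {ver:12} {state}")
```

On Windows endpoints the version strings for such an inventory can be collected with Get-NetAdapter (its DriverVersionString property) before being fed to this check; on Linux and Chrome OS the fix arrives through the upstream kernel driver rather than a PROSet/Wireless package, so a package version comparison does not apply there and the kernel or OS update level is what to track.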