CVE-2021-0162

Vulnerability

An improper input validation vulnerability exists in the Intel® PROSet/Wireless Wi-Fi and Killer™ Wi-Fi software for Windows 10 and Windows 11. This issue affects versions of the software prior to the updates specified in Intel advisory INTEL-SA-00539 [1]. The vulnerability occurs due to insufficient validation of input from adjacent network sources, potentially allowing an attacker to trigger a privilege escalation condition.

Exploitation

An unauthenticated attacker with adjacent network access (e.g., within Wi-Fi range) can exploit this vulnerability by sending specially crafted network packets to the affected system. The attack requires no user interaction or prior authentication, making it remotely exploitable from a close physical proximity [1].

Impact

Successful exploitation allows the attacker to escalate privileges on the target system, potentially gaining elevated access beyond the intended user permissions. This could lead to unauthorized operations, installation of programs, or modification of system settings [1].

Mitigation

Intel has released software updates to address this vulnerability. Users should update their Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi software to the latest versions provided in the advisory INTEL-SA-00539 [1]. No workarounds are available, and there is no evidence of exploitation in the wild at the time of publication.