CVE-2021-23179
Description
Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow a privileged user to potentially enable information disclosure via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds read in Intel Wireless Bluetooth and Killer Bluetooth firmware before 22.120 allows a privileged local attacker to disclose sensitive information.
Vulnerability
An out-of-bounds read vulnerability exists in the firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120. The flaw is triggered during certain memory read operations within the firmware, allowing a privileged user to access data beyond the intended buffer boundaries [1].
Exploitation
An attacker must have local access and sufficient privileges (e.g., administrative or system-level access) to trigger the vulnerable code path. The read operation must be crafted to cause the firmware to read from an out-of-bounds memory location. No user interaction is required beyond the initial privilege elevation [1].
Impact
Successful exploitation results in information disclosure, potentially exposing sensitive data from the firmware memory space. The attacker does not gain code execution or direct control over the system, but leaked data could aid in further attacks [1].
Mitigation
Intel released firmware version 22.120 to address this issue. Users should update their Bluetooth firmware to the latest version provided by their device manufacturer. There is no known workaround if the update cannot be applied; updating is the sole mitigation [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <22.120
- Range: <22.120
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.