Vulnerability Name:

CVE-2021-0151 (CCN-213201)

Assigned:2020-10-22
Published:2021-11-09
Updated:2022-07-12
Summary:Improper access control in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
6.7 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.0 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2021-0151

Source: XF
Type: UNKNOWN
intel-cve20210151-priv-esc(213201)

Source: CCN
Type: INTEL-SA-00540
Intel Wireless Bluetooth and Killer Bluetooth Advisory

Source: MISC
Type: Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00540.html

Vulnerable Configuration:Configuration 1:
  • cpe:/o:intel:ax210_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ax210:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:intel:ax201_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ax201:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:intel:ax200_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ax200:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:intel:ac_9560_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_9560:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:intel:ac_9462_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_9462:-:*:*:*:*:*:*:*

    • Configuration 6:
  • cpe:/o:intel:ac_9461_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_9461:-:*:*:*:*:*:*:*

    • Configuration 7:
  • cpe:/o:intel:ac_9260_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_9260:-:*:*:*:*:*:*:*

    • Configuration 8:
  • cpe:/o:intel:ac_8265_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_8265:-:*:*:*:*:*:*:*

    • Configuration 9:
  • cpe:/o:intel:ac_8260_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_8260:-:*:*:*:*:*:*:*

    • Configuration 10:
  • cpe:/o:intel:ac_3168_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_3168:-:*:*:*:*:*:*:*

    • Configuration 11:
  • cpe:/o:intel:ac_7265_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_7265:-:*:*:*:*:*:*:*

    • Configuration 12:
  • cpe:/o:intel:ac_3165_firmware:*:*:*:*:*:*:*:* (Version < 22.60)
  • AND
  • cpe:/h:intel:ac_3165:-:*:*:*:*:*:*:*

    • Configuration 13:
  • cpe:/o:intel:ax1675_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:ax1675:-:*:*:*:*:*:*:*

    • Configuration 14:
  • cpe:/o:intel:ax1650_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:ax1650:-:*:*:*:*:*:*:*

    • Configuration 15:
  • cpe:/o:intel:ac1550_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:ac1550:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    intel ax210 firmware *
    intel ax210 -
    intel ax201 firmware *
    intel ax201 -
    intel ax200 firmware *
    intel ax200 -
    intel ac 9560 firmware *
    intel ac 9560 -
    intel ac 9462 firmware *
    intel ac 9462 -
    intel ac 9461 firmware *
    intel ac 9461 -
    intel ac 9260 firmware *
    intel ac 9260 -
    intel ac 8265 firmware *
    intel ac 8265 -
    intel ac 8260 firmware *
    intel ac 8260 -
    intel ac 3168 firmware *
    intel ac 3168 -
    intel ac 7265 firmware *
    intel ac 7265 -
    intel ac 3165 firmware *
    intel ac 3165 -
    intel ax1675 firmware -
    intel ax1675 -
    intel ax1650 firmware -
    intel ax1650 -
    intel ac1550 firmware -
    intel ac1550 -
    intel wi-fi 6 ax200 -
    intel wi-fi 6 ax201 -