Vulnerability CVE-2021-33139

Vulnerability Name:

CVE-2021-33139 (CCN-219015)

Assigned:

2021-05-18

Published:

2022-02-08

Updated:

2022-02-15

Summary:

Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

CVSS v3 Severity:

5.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Adjacent Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.7 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Adjacent Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

2.7 Low (CVSS v2 Vector: AV:A/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Adjacent_Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.5 Medium (CCN CVSS v2 Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Adjacent_Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-754

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-33139

Source: XF
Type: UNKNOWN
intel-cve202133139-dos(219015)

Source: CCN
Type: INTEL-SA-00604
Intel Wireless Bluetooth and Killer Bluetooth Advisory

Source: MISC
Type: Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00604.html

Vulnerable Configuration:

Configuration 1:

cpe:/o:intel:ax211_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ax211:-:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:intel:ax210_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ax210:-:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:intel:ax201_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ax201:-:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:intel:ax200_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ax200:-:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:intel:ac_9560_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_9560:-:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:intel:ac_9462_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_9462:-:*:*:*:*:*:*:*

Configuration 7:

cpe:/o:intel:ac_9461_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_9461:-:*:*:*:*:*:*:*

Configuration 8:

cpe:/o:intel:ac_9260_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_9260:-:*:*:*:*:*:*:*

Configuration 9:

cpe:/o:intel:ac_8265_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_8265:-:*:*:*:*:*:*:*

Configuration 10:

cpe:/o:intel:ac_8260_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_8260:-:*:*:*:*:*:*:*

Configuration 11:

cpe:/o:intel:ac3168_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac3168:-:*:*:*:*:*:*:*

Configuration 12:

cpe:/o:intel:ac_7265_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_7265:-:*:*:*:*:*:*:*

Configuration 13:

cpe:/o:intel:ac_3165_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_3165:-:*:*:*:*:*:*:*

Configuration 14:

cpe:/o:intel:ax1675_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ax1675:-:*:*:*:*:*:*:*

Configuration 15:

cpe:/o:intel:ax1650_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ax1650:-:*:*:*:*:*:*:*

Configuration 16:

cpe:/o:intel:ac_1550_firmware:*:*:*:*:*:*:*:* (Version < 22.100)

AND

cpe:/h:intel:ac_1550:-:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*

OR cpe:/h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7540	P	kernel-firmware-all-20230320-150500.1.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3609	P	libipa_hbac0-1.16.1-4.17.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2961	P	kernel-firmware-all-20220119-150400.2.3 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94591	P	kernel-firmware-all-20220119-150400.2.3 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95239	P	Security update for kernel-firmware (Important)	2022-06-02
oval:org.opensuse.security:def:511	P	Security update for kernel-firmware (Important)	2022-06-02
oval:org.opensuse.security:def:119209	P	Security update for kernel-firmware (Moderate)	2022-05-19
oval:org.opensuse.security:def:119584	P	Security update for kernel-firmware (Moderate)	2022-05-19
oval:org.opensuse.security:def:118902	P	Security update for kernel-firmware (Moderate)	2022-05-19
oval:org.opensuse.security:def:119399	P	Security update for kernel-firmware (Moderate)	2022-05-19
oval:org.opensuse.security:def:118712	P	Security update for kernel-firmware (Moderate)	2022-05-19
oval:org.opensuse.security:def:101578	P	Security update for kernel-firmware (Important)	2022-03-31
oval:org.opensuse.security:def:847	P	Security update for kernel-firmware (Important)	2022-03-31
oval:org.opensuse.security:def:42259	P	Security update for kernel-firmware (Important)	2022-03-31
oval:org.opensuse.security:def:126987	P	Security update for kernel-firmware (Moderate)	2022-03-21
oval:org.opensuse.security:def:127385	P	Security update for kernel-firmware (Moderate)	2022-03-21
oval:org.opensuse.security:def:6203	P	Security update for kernel-firmware (Moderate)	2022-03-21
oval:org.opensuse.security:def:125825	P	Security update for kernel-firmware (Moderate)	2022-03-21
oval:org.opensuse.security:def:42207	P	Security update for kernel-firmware (Important)	2022-03-04
oval:org.opensuse.security:def:119324	P	Security update for kernel-firmware (Important)	2022-03-04
oval:org.opensuse.security:def:119692	P	Security update for kernel-firmware (Important)	2022-03-04
oval:org.opensuse.security:def:119019	P	Security update for kernel-firmware (Important)	2022-03-04
oval:org.opensuse.security:def:119130	P	Security update for kernel-firmware (Important)	2022-03-04
oval:org.opensuse.security:def:119507	P	Security update for kernel-firmware (Important)	2022-03-04
oval:org.opensuse.security:def:118829	P	Security update for kernel-firmware (Important)	2022-03-04

BACK