U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 26 matching records.
Displaying matches 21 through 26.
Vuln ID Summary CVSS Severity
CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

Published: May 11, 2021; 4:15:08 PM -0400
V4.0:(not available)
V3.1: 3.5 LOW
V2.0: 2.9 LOW
CVE-2020-24587

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.

Published: May 11, 2021; 4:15:08 PM -0400
V4.0:(not available)
V3.1: 2.6 LOW
V2.0: 1.8 LOW
CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

Published: May 11, 2021; 4:15:08 PM -0400
V4.0:(not available)
V3.1: 3.5 LOW
V2.0: 2.9 LOW
CVE-2020-0569

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

Published: November 23, 2020; 12:15:12 PM -0500
V4.0:(not available)
V3.1: 5.7 MEDIUM
V2.0: 2.7 LOW
CVE-2020-0555

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.

Published: August 13, 2020; 12:15:12 AM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2019-14620

Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access.

Published: August 13, 2020; 12:15:12 AM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW