Rewterz Threat Advisory – Multiple Intel Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2021-33068 

Intel AMT is vulnerable to a denial of service, caused by a NULL pointer dereference in the subsystem. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2021-33139 

Intel Wireless Bluetooth and Intel Killer Bluetooth products are vulnerable to a denial of service, caused by improper conditions checking in the firmware. A remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2021-33155 

Intel Wireless Bluetooth and Intel Killer Bluetooth products are vulnerable to a denial of service, caused by improper input validation in the firmware. A remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2021-33110 

Intel Wireless Bluetooth and Intel Killer Bluetooth products are vulnerable to a denial of service, caused by improper input validation. A remote attacker could exploit this vulnerability to cause a denial of service.

Impact

• Denial of Service

Indicators of Compromise

CVE

• CVE-2021-33068
• CVE-2021-33139
• CVE-2021-33155
• CVE-2021-33110

Affected Vendors

Intel

Affected Products

• Intel AMT 15.0.34
• Intel Wi-Fi 6 AX201
• Intel Wireless-AC 9560
• Intel Wireless-AC 9462
• Intel Wireless-AC 9260
• Intel Dual Band Wireless-AC 8265
• Intel Dual Band Wireless-AC 8260
• Intel Dual Band Wireless-AC 3168
• Intel Wireless 7265 (Rev D) Family
• Intel Dual Band Wireless-AC 3165
• Intel Killer Wireless-AC 1550
• Intel Wi-Fi 6E AX1675
• Intel Wi-Fi 6 AX1650
• Intel Wireless-AC 1550
• Intel Wireless-AC 9461
• Intel Killer Wi-Fi 6E AX1675
• Intel Killer Wi-Fi 6 AX1650
• Intel Wi-Fi 6 AX210
• Intel Wi-Fi 6 AX200
• Intel Wi-Fi 6 AX211
• Intel Wi-Fi 6 AX210 Intel Wi-Fi 6 AX201

Remediation

Refer to INTEL Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2021-33068

CVE-2021-33139

CVE-2021-33155

CVE-2021-33110