Severity
Medium
Analysis Summary
CVE-2024-24984 CVSS:6.5
Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-33624 CVSS:4.3
Intel PROSet/Wireless WiFi software for Windows is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-35245 CVSS:6.7
Uncontrolled search path element in some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an authenticated user to potentially enable escalation of privilege via local access.
Impact
- Privilege Escalation
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-24984
- CVE-2024-33624
- CVE-2024-35245
Affected Vendors
Affected Products
- Intel Wi-Fi 6E AX210 (TyP2)
- Intel Killer Wi-Fi AX1675x/w2
- Intel Wi-Fi 6E AX211 (GfP2)
- Intel Killer Wi-Fi AX1675i/s2
- Intel Wireless-AC 9260 (ThP2)
Remediation
Refer to Intel Security Advisory for patch, upgrade or suggested workaround information.