CVE-2020-12321: Intel Wireless Bluetooth products Escalation of Privilege Vulnerability Alert
On November 10, 2020, Intel officially released a risk notice for the Intel Wireless Bluetooth products privilege escalation vulnerability. The vulnerability number is CVE-2020-12321. The vulnerability level is critical, and CVSS Base Score: 9.6.
Vulnerability Detail
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Affected Product
Affected Product- Intel® Wi-Fi 6 AX201
- Intel® Wi-Fi 6 AX200
- Intel® Wireless-AC 9560
- Intel® Wireless-AC 9462
- Intel® Wireless-AC 9461
- Intel® Wireless-AC 9260
- Intel® Dual Band Wireless-AC 8265
- Intel® Dual Band Wireless-AC 8260
- Intel® Dual Band Wireless-AC 3168
- Intel® Wireless 7265 (Rev D) Family
- Intel® Dual Band Wireless-AC 3165
Solution
In this regard, we recommend that users upgrade Intel® Wireless Bluetooth® products to version 21.110 or later in time.
