CVE-2020-12321: Intel Wireless Bluetooth products Escalation of Privilege Vulnerability Alert
On November 10, 2020, Intel officially released a risk notice for the Intel Wireless Bluetooth products privilege escalation vulnerability. The vulnerability number is CVE-2020-12321. The vulnerability level is critical, and CVSS Base Score: 9.6.
Vulnerability Detail
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Affected Product
- Intel® Wi-Fi 6 AX201
- Intel® Wi-Fi 6 AX200
- Intel® Wireless-AC 9560
- Intel® Wireless-AC 9462
- Intel® Wireless-AC 9461
- Intel® Wireless-AC 9260
- Intel® Dual Band Wireless-AC 8265
- Intel® Dual Band Wireless-AC 8260
- Intel® Dual Band Wireless-AC 3168
- Intel® Wireless 7265 (Rev D) Family
- Intel® Dual Band Wireless-AC 3165
Solution
In this regard, we recommend that users upgrade Intel® Wireless Bluetooth® products to version 21.110 or later in time.