CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2021-0151
https://notcve.org/view.php?id=CVE-2021-0151
Improper access control in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access. Un control de acceso inapropiado en el instalador para algunos productos Intel® Wireless Bluetooth(R) y Killerâ„¢ Bluetooth (R) en Windows 10 puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00540.html •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2021-0065
https://notcve.org/view.php?id=CVE-2021-0065
Incorrect default permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access. Los permisos predeterminados incorrectos en el instalador del software Intel® PROSet / Wireless WiFi para Windows 10 versiones anteriores a 22.40 pueden permitir que un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00509.html • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2021-0064
https://notcve.org/view.php?id=CVE-2021-0064
Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access. Unos permisos heredados no seguros en el instalador del software Intel(R) PROSet/Wireless WiFi para Windows 10 versiones anteriores a 22.40, pueden permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00509.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.3EPSS: 0%CPEs: 10EXPL: 0CVE-2021-0105
https://notcve.org/view.php?id=CVE-2021-0105
Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclosure and denial of service via adjacent access. Unos permisos heredados no seguros en algunos controladores Intel® ProSet/Wireless WiFi pueden permitir a un usuario autenticado habilitar potencialmente una divulgación de información y una denegación de servicio por medio de un acceso adyacente • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00472.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.4EPSS: 0%CPEs: 32EXPL: 0CVE-2020-26555 – kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack
https://notcve.org/view.php?id=CVE-2020-26555
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. Un emparejamiento de código PIN BR/EDR heredado de Bluetooth en Bluetooth Core Specification versiones 1.0B hasta 5.2, puede permitir a un dispositivo cercano no autenticado falsificar el BD_ADDR del dispositivo peer para completar el emparejamiento sin conocer el PIN A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even without knowledge of the key. • https://kb.cert.org/vuls/id/799380 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html https://access.redhat.com/security/cve/CVE-2020-26555 https://bugzilla.redhat.com/show_bug.cgi?id=1918601 • CWE-400: Uncontrolled Resource Consumption CWE-863: Incorrect Authorization •