Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.

**Note#****Title****Priority****CVSS**3123396

\[CVE-2022-22536\] **Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher**                             Product \- SAP Web Dispatcher, Versions - 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86, 7.87  
Product \- SAP Content Server, Version - 7.53  
Product - SAP NetWeaver and ABAP Platform, Versions - KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49

Hot News103142773\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Commerce**  
Related CVEs \- CVE-2021-45046, CVE-2021-45105, CVE-2021-44832  
Product - SAP Commerce, Versions - 1905, 2005, 2105, 2011Hot News103130920**Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Data Intelligence 3 (on-premise)  
**Related CVEs - CVE-2021-44228, CVE-2021-45046, CVE-2021-45105  
Product - SAP Data Intelligence, Version - 3  
Hot News103139893\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Dynamic Authorization Management  
**Related CVEs - CVE-2021-44228, CVE-2021-45046  
Product - SAP Dynamic Authorization Management, Version - 9.1.0.0, 2021.03Hot News103132922**_Update to Security Note released in December 2021:  
_**\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in Internet of Things Edge Platform  
**Related CVEs -  CVE-2021-45105, CVE-2021-45046 , CVE-2021-44832  
Product - Internet of Things Edge Platform, Version - 4.0Hot News103133772**_Update to Security Note released in December 2021:_**  
\[CVE-2021-44228\] **Remote Code Execution vulnerability associated with Apache Log4j 2 component used in SAP Customer Checkout  
**Related CVEs - CVE-2021-45046, CVE-2021-45105  
Product - SAP Customer Checkout, Version - 2Hot News103131047**_Update to Security Note released in December 2021:_**  
\[CVE-2021-44228\] **Central Security Note for Remote Code Execution vulnerability associated with Apache Log4j 2 component**Hot News102622660_**Update to Security Note released on April 2018 Patch Day:**_  
**Security updates for the browser control Google Chromium delivered with SAP Business Client  
**Product – SAP Business Client, Version – 6.5Hot News103140940\[CVE-2022-22544\] **Missing segregation of duties in SAP Solution Manager Diagnostics Root Cause Analysis Tools**  
Product \- SAP Solution Manager (Diagnostics Root Cause Analysis Tools), Version - 720Hot News9.13112928_**Update to Security Note released on January 2022 Patch Day:**_  
\[CVE-2022-22531\] **Multiple vulnerabilities in F0743 Create Single Payment application of SAP S/4HANA**Additional CVE \- CVE-2022-22530Product \- SAP S/4HANA, Versions - 100, 101, 102, 103, 104, 105, 106High8.73123427

\[CVE-2022-22532\] **HTTP Request Smuggling in SAP NetWeaver Application Server Java  
**Product \- SAP NetWeaver Application Server Java, Versions - KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53

High8.13140587\[CVE-2022-22540\] **SQL Injection vulnerability in SAP NetWeaver AS ABAP (Workplace Server)  
**Product \- SAP NetWeaver AS ABAP (Workplace Server), Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787High7.13124994

\[CVE-2022-22534\] **Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver  
**Product \- SAP NetWeaver (ABAP and Java application Servers), Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756

Medium4.73126489

\[CVE-2022-22535\] **Missing Authorization check in SAP ERP HCM  
**Product \-  SAP ERP HCM (Portugal), Versions - 600, 604, 608

Medium6.53126748

\[CVE-2022-22546\] **XSS vulnerability in SAP Business Objects Web Intelligence (BI Launchpad)  
**Product \- SAP Business Objects Web Intelligence (BI Launchpad) , Version - 420

Medium5.43134684

\[Multiple CVEs\] **Improper Input Validation in SAP 3D Visual Enterprise Viewer  
**CVEs \- CVE-2022-22537, CVE-2022-22539, CVE-2022-22538  
Product \- SAP 3D Visual Enterprise Viewer , Version - 9.0

Medium4.33140564

\[CVE-2022-22528\] **Information Disclosure in SAP Adaptive Server Enterprise  
**Product \- SAP Adaptive Server Enterprise , Version - 16.0

Medium5.63142092

\[CVE-2022-22542\] **Information Disclosure vulnerability in SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)  
**Product \- SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)  , Versions - 104, 105, 106

Medium6.53116223

\[CVE-2022-22543\] **Denial of service (DOS) in SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel)  
**Product \-  SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) , Versions - KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49

Low3.7

CVE-2022-22533: SAP Security Patch Day - February 2022 - Product Security Response at SAP

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487.

**February 2022 Product Security Bulletin**

Published 2022-02-07

The MediaTek Product Security Bulletin contains details of security vulnerabilities affecting MediaTek Smartphone, Tablet, AIoT and Smart display chipsets. Device OEMs have been notified of all the issues and the corresponding security patches for at least two months before publication.

The severity of the identified vulnerabilities was conducted based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).

****Summary****

Severity

**CVEs**

High

CVE-2022-20024, CVE-2022-20025, CVE-2022-20026, CVE-2022-20027, CVE-2022-20028

Medium

CVE-2022-20029, CVE-2022-20030, CVE-2022-20031, CVE-2022-20032, CVE-2022-20033, CVE-2022-20017, CVE-2022-20034, CVE-2022-20035, CVE-2022-20036, CVE-2022-20037, CVE-2022-20038, CVE-2022-20039, CVE-2022-20040, CVE-2022-20041, CVE-2022-20042, CVE-2022-20043, CVE-2022-20044, CVE-2022-20045, CVE-2022-20046

****Details****

CVE

**CVE-2022-20024**

Title

Improper input validation in system service

Severity

High

Vulnerability Type

EoP

CWE

CWE-20 Improper Input Validation

Description

In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6739, MT6750, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20025**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-121 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20026**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-122 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20027**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-123 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20028**

Title

Stack-based buffer overflow in Bluetooth

Severity

High

Vulnerability Type

EoP

CWE

CWE-123 Stack-based Buffer Overflow

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20029**

Title

Out-of-bounds read in cmdq driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8168, MT8173, MT8175, MT8183, MT8321, MT8362A, MT8365, MT8385, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20030**

Title

Stack-based buffer overflow in vow driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-121 Stack-based Buffer Overflow

Description

In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20031**

Title

Use after free in fb driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In fb driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582\_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592\_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20032**

Title

Out-of-bounds read in vow driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In vow driver, there is a possible memory corruption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20033**

Title

Out-of-bounds read in camera driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-125 Out-of-bounds Read

Description

In camera driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8167, MT8168, MT8173, MT8362A, MT8365

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20017**

Title

Exposure of sensitive information to an unauthorized actor in ion driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6765, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0, 12.0

CVE

**CVE-2022-20034**

Title

Improper authentication in Preloader XFLASH

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-287 Improper Authentication

Description

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6799, MT6833, MT6853, MT6873, MT6875, MT6877, MT6885, MT6891, MT6893

Affected Software Versions

Android 11.0

CVE

**CVE-2022-20035**

Title

Use after free in vcu driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6768, MT6769, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20036**

Title

Exposure of sensitive information to an unauthorized actor in ion driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20037**

Title

Exposure of sensitive information to an unauthorized actor in ion driver

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 10.0, 11.0

CVE

**CVE-2022-20038**

Title

Improper restriction of operations within the bounds of a memory buffer in ccu driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

In ccu driver, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8791, MT8797

Affected Software Versions

Android 11.0

CVE

**CVE-2022-20039**

Title

Integer overflow or wraparound in ccu driver

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-190 Integer Overflow or Wraparound

Description

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6833, MT6853, MT6873, MT6877, MT6883, MT6893, MT8791, MT8797

Affected Software Versions

Android 11.0

CVE

**CVE-2022-20040**

Title

Stack-based buffer overflow in power\_hal\_manager\_service

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-121 Stack-based Buffer Overflow

Description

In power\_hal\_manager\_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT6735, MT6737, MT6739, MT6755, MT6757, MT6761, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797

Affected Software Versions

Android 11.0, 12.0

CVE

**CVE-2022-20041**

Title

Improper privilege management in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-269 Improper Privilege Management

Description

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20042**

Title

Exposure of sensitive information to an unauthorized actor in Bluetooth

Severity

Medium

Vulnerability Type

ID

CWE

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Description

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20043**

Title

Improper privilege management in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-269 Improper Privilege Management

Description

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20044**

Title

Use after free in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20045**

Title

Use after free in Bluetooth

Severity

Medium

Vulnerability Type

EoP

CWE

CWE-416 Use After Free

Description

In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

CVE

**CVE-2022-20046**

Title

Missing release of memory after effective lifetime in Bluetooth

Severity

Medium

Vulnerability Type

DoS

CWE

CWE-401 Missing Release of Memory after Effective Lifetime

Description

In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Chipsets

MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385

Affected Software Versions

Android 8.1, 9.0, 10.0, 11.0, 12.0

****Vulnerability Type Definition****

Abbreviation

**Definition**

RCE

Remote Code Execution

EoP

Elevation of Privilege

ID

Information Disclosure

DoS

Denial of Service

N/A

Classification not available

****Versions****

**Version**

**Date**

**Description**

1.0

February 7, 2022

Bulletin published.

****Notes****

Information above is generated only at the time of creation of this Security Bulletin. The list of affected chipsets could be not complete. For any further information, device OEMs can reach your MediaTek contact person if needed.

If you want to report a security vulnerability in MediaTek chipsets or products, please go to Report Security Vulnerability page on MediaTek website.

CVE-2022-20042: February 2022

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Trace Analyzer and Collector Advisory**

Intel ID:

INTEL-SA-00639

Advisory Category:

Software

Impact of vulnerability:

Denial of Service, Information Disclosure

Severity rating:

MEDIUM

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

Potential security vulnerabilities in the Intel® Trace Analyzer and Collector may allow denial of service or information disclosure.  Intel is releasing software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2022-21133

Description: Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 5.6 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21226

Description: Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21218

Description: Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 4.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21156

Description: Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 3.6 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L

**Affected Products:**

Intel® Trace Analyzer and Collector before version 2021.5.

**Recommendations:**

Intel recommends updating the Intel® Trace Analyzer and Collector to version 2021.5 or later.

Updates are available for download at this location: https://www.intel.com/content/www/us/en/develop/documentation/get-started-with-itac/top.html

**Acknowledgements:**

Intel would like to thank Star Labs for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-21133: INTEL-SA-00639

Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2021.2 IPU - Intel Atom® Processor Advisory**

Intel ID:

INTEL-SA-00589

Advisory Category:

Firmware

Impact of vulnerability:

Denial of Service, Information Disclosure

Severity rating:

LOW

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

A potential security vulnerability in some Intel Atom® Processors may allow information disclosure or denial of service.  Intel is releasing firmware updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2021-33120

Description:  Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.

CVSS Base Score: 3.6 Low

CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L

**Affected Products:**

A list of impacted products can be found here.

**Recommendations:**

Intel recommends that users of affected Intel® Processors update to the latest version firmware provided by the system manufacturer that addresses these issues. 

Intel has released microcode updates for the affected Intel® Processors that are currently supported on the public github repository. Please see details below on access to the microcode: 

Public Github: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files

**Acknowledgements:**

This issue was found internally by Intel employee. Intel would like to thank Brandon Miller for reporting the issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33120: INTEL-SA-00589

Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Wireless Bluetooth® and Killer™ Bluetooth® Advisory**

**Summary: **

Potential security vulnerabilities in some Intel® Wireless Bluetooth® and Killer™ Bluetooth® products may allow denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID:  CVE-2021-33139

Description: Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVEID:  CVE-2021-33155

Description: Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.7 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

**Affected Products:**

Intel® Wireless Bluetooth® and Killer™ Bluetooth® products with drivers before version 22.100:

*   Intel® Wi-Fi 6 AX211
*   Intel® Wi-Fi 6 AX210
*   Intel® Wi-Fi 6 AX201
*   Intel® Wi-Fi 6 AX200
*   Intel® Wireless-AC 9560
*   Intel® Wireless-AC 9462
*   Intel® Wireless-AC 9461
*   Intel® Wireless-AC 9260
*   Intel® Dual Band Wireless-AC 8265
*   Intel® Dual Band Wireless-AC 8260
*   Intel® Dual Band Wireless-AC 3168
*   Intel® Wireless 7265 (Rev D) Family
*   Intel® Dual Band Wireless-AC 3165
*   Killer™ Wi-Fi 6E AX1675       
*   Killer™ Wi-Fi 6 AX1650
*   Killer™ Wireless-AC 1550

**Recommendations:**

**Windows OS:**

Intel recommends updating the affected Intel® Wireless Bluetooth® and Killer™ Bluetooth® products to version 22.100 or later.

Windows 10 and Windows 11 updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/18649/intel-wireless-bluetooth-for-windows-10-and-windows-11.html

**Chrome OS:**

Updates to mitigate these vulnerabilities are up streamed to Chromium.

For any Google Chrome OS solution and schedule, please contact Google directly.

Killer™ Products are not applicable for Chrome OS.

**Linux OS:**

Updates to mitigate these vulnerabilities are up streamed to Linux.

Consult the regular opensource channels to obtain this update.

Killer™ Products are not applicable for Linux OS.

**Acknowledgements:**

Intel would like to thank Matheus Eduardo Garbelini and Sudipta Chattopadhyay from the Singapore University of Technology and Design for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33155: INTEL-SA-00604

Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® PROSet/Wireless WiFi and Killer™ WiFi Software Advisory**

Intel ID:

INTEL-SA-00582

Advisory Category:

Firmware, Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

HIGH

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

Potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Killer™ WiFi products may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID:  CVE-2021-33113

Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 & 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CVEID:  CVE-2021-33115

Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 6.8 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVEID:  CVE-2021-33114

Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 & 11 may allow an authenticated user to potentially enable denial of service  via adjacent access.

CVSS Base Score: 4.8 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

**Affected Products:**

Intel® PROSet/Wireless Wi-Fi products with Windows WiFi drivers before version 22.80, or UEFI WiFi drivers before version 1.2.8.21337:

*   Intel® Wi-Fi 6E AX210
*   Intel® Wi-Fi 6 AX201
*   Intel® Wi-Fi 6 AX200
*   Intel® Wireless-AC 9560
*   Intel® Wireless-AC 9462
*   Intel® Wireless-AC 9461
*   Intel® Wireless-AC 9260
*   Intel® Dual Band Wireless-AC 8265
*   Intel® Dual Band Wireless-AC 8260
*   Intel® Dual Band Wireless-AC 3168
*   Intel® Wireless 7265 (Rev D) Family
*   Intel® Dual Band Wireless-AC 3165

Killer™ Wi-Fi products with drivers before version 3.1021.733.0:

*   Killer™ Wi-Fi 6E AX1675       
*   Killer™ Wi-Fi 6 AX1650
*   Killer™ Wireless-AC 1550

**Recommendations:**

**Windows:**

Intel recommends updating Intel® PROSet/Wireless WiFi to version 22.80 or later.

Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/19351/windows-10-and-windows-11-wi-fi-drivers-for-intel-wireless-adapters.html

Intel recommends updating Killer™ WiFi to version 3.1021.733.0 or later.

https://www.intel.com/content/www/us/en/download/19779/intel-killer-performance-suite.html

**UEFI:**

Intel recommends updating UEFI WiFi drivers to version 1.2.8.21337 or later.

Please contact your OEM support group to obtain the correct driver version.

**Chrome OS:**

Intel® PROSet/Wireless WiFi drivers to mitigate these vulnerabilities are up streamed to Chromium.

For any Google Chrome OS solution and schedule, please contact Google directly.

**Linux OS:**

Intel® PROSet/Wireless WiFi drivers to mitigate these vulnerabilities are up streamed to Linux.

Consult the regular Open Source channels to obtain this update.

**Acknowledgements:  **

Intel would like to thank Hongjian Cao at Ant Security Frontage Lab for reporting CVE-2021-33114. The remaining issues were found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33115: INTEL-SA-00582

Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Quartus® Advisory**

Intel ID:

INTEL-SA-00632

Advisory Category:

Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

HIGH

Original release:

02/08/2022

Last revised:

02/08/2022

**Summary: **

Potential security vulnerabilities in Intel® Quartus® Prime Pro and Standard Editions may allow escalation of privilege, denial of service, or information disclosure.  Intel is releasing software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2022-21203

Description: Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 8.8 High

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2021-44454

Description: Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.3 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVEID: CVE-2022-21220

Description: Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVEID: CVE-2022-21204

Description: Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVEID: CVE-2022-21174

Description: Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVEID: CVE-2022-21205

Description: Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

**Affected Products:**

Intel® Quartus® Prime Pro Edition before version 21.3.

Intel® Quartus® Prime Standard Edition before version 21.1.

**Recommendations:**

Intel recommends updating Intel® Quartus® Prime Pro to version 21.3 or later.

Intel recommends updating Intel® Quartus® Prime Standard Edition to version 21.1 or later.

Updates are available for download at this location: https://www.intel.com/content/www/us/en/software/programmable/quartus-prime/download.html

**Acknowledgements:**

Intel would like to thank Mazoz Ocher (CVE-2022-21203, CVE-2022-21205, and CVE-2022-21220) and Marius Gabriel Mihai (CVE-2022-21204 and CVE-2022-21174) for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-21220: INTEL-SA-00632

Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Wireless Bluetooth® and Killer™ Bluetooth® for Windows Advisory**

**Summary: **

A potential security vulnerability in some Intel® Wireless Bluetooth® products and Killer™ Bluetooth® products may allow denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2021-33110

Description: Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 & 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 4.3 Medium

CVSS Vector:  CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

**Affected Products:**

Intel® Wireless Bluetooth® products:

*   Intel® Wi-Fi 6 AX210  
    
*   Intel® Wi-Fi 6 AX201
*   Intel® Wi-Fi 6 AX200
*   Intel® Wireless-AC 9560
*   Intel® Wireless-AC 9462
*   Intel® Wireless-AC 9461
*   Intel® Wireless-AC 9260
*   Intel® Dual Band Wireless-AC 8265
*   Intel® Dual Band Wireless-AC 8260
*   Intel® Dual Band Wireless-AC 3168
*   Intel® Wireless 7265 (Rev D) Family
*   Intel® Dual Band Wireless-AC 3165

Killer™ Bluetooth® products:

*   Killer™ Wi-Fi 6E AX1675         
    
*   Killer™ Wi-Fi 6 AX1650
*   Killer™ Wireless-AC 1550

**Recommendations:**

**Windows\*:**

Intel recommends updating affected Intel® Wireless Bluetooth® and Killer™ Bluetooth® products to version 22.80 or later.

For Windows\* 10 & 11, updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/18649/intel-wireless-bluetooth-for-windows-10-and-windows-11.html

**Acknowledgements:**

This issue was found internally by an Intel employee.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33110: INTEL-SA-00581

Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Core™ Processors with Radeon™ RX Vega M GL Graphics Advisory**

Intel ID:

INTEL-SA-00481

Advisory Category:

Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

HIGH

Original release:

11/09/2021

Last revised:

11/09/2021

**Summary: **

Potential security vulnerabilities in some Intel® Core™ processors with Radeon™ RX Vega M GL integrated graphics may allow escalation of privilege, denial of service or information disclosure.  Intel and AMD are releasing driver updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2020-12902 (Non-Intel issued)

Description: Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12980 (Non-Intel issued)

Description: An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12981 (Non-Intel issued)

Description: An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service.

Severity: High

CVEID: CVE-2020-12982 (Non-Intel issued)

Description: An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12983 (Non-Intel issued)

Description: An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service.

Severity: High

CVEID: CVE-2020-12985 (Non-Intel issued)

Description: An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12986 (Non-Intel issued)

Description: An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12893 (Non-Intel issued)

Description: Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12894 (Non-Intel issued)

Description: Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service.

Severity: High

CVEID: CVE-2020-12895 (Non-Intel issued)

Description: Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to escalation of privilege, information disclosure or denial of service.

Severity: High

CVEID: CVE-2020-12898 (Non-Intel issued)

Description: Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12900 (Non-Intel issued)

Description: An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service.

Severity: High

CVEID: CVE-2020-12901 (Non-Intel issued)

Description: Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.

Severity: High

CVEID: CVE-2020-12903 (Non-Intel issued)

Description: Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service.

Severity: High

CVEID: CVE-2020-12892 (Non-Intel issued)

Description: An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution.

Severity: Medium

CVEID: CVE-2020-12987 (Non-Intel issued)

Description: A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

Severity: Medium

CVEID: CVE-2020-12904 (Non-Intel issued)

Description: Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.

Severity: Medium

CVEID: CVE-2020-12905 (Non-Intel issued)

Description: Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure.

Severity: Medium

CVEID: CVE-2020-12964 (Non-Intel issued)

Description: A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information.

Severity: Medium

CVEID: CVE-2020-12899 (Non-Intel issued)

Description: Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service.

Severity: Medium

CVEID: CVE-2020-12897 (Non-Intel issued)

Description: Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

Severity: Medium

CVEID: CVE-2020-12963 (Non-Intel issued)

Description: An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system.

Severity: Medium

CVEID: CVE-2021-33105

Description: Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 4.7 Medium

CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

**Affected Products:**

Intel® Core™ i5-8305G Processor with Radeon™ RX Vega M GL graphics before version 21.10.

Intel® Core™ i7-8706G Processor with Radeon™ RX Vega M GL graphics before version 21.10.

Intel® Graphics Driver for Windows® 10 64-bit for NUC8i7HNK, NUC8i7HVK before version 21.10.

**Recommendations:**

Intel recommends updating graphics driver software for Intel® Core™ processors with Radeon™ RX Vega M GL integrated graphics to version 21.10 or later.

Updates are available for download at this location:

For Intel® NUCs NUC8i7HNK and NUC8i7HVK, with Radeon™ RX Vega M Graphics Driver for Windows® 10 64-bit:

https://www.intel.com/content/www/us/en/download/19269/648069/radeon-rx-vega-m-graphics-driver-for-windows-10-64-bit-for-nuc8i7hnk-nuc8i7hvk.html

For all other Intel® Core™ processors with Radeon™ RX Vega M Graphics:

https://www.intel.com/content/www/us/en/download/19282/30534/radeon-rx-vega-m-graphics.html

**Acknowledgements:**

Intel would like to thank Ori Nimron (@orinimron123) for reporting these issues as well Eran Shimony of CyberArk Labs for reporting CVE-2020-12892.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/09/2021

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33105: INTEL-SA-00481

Solution Manager (Diagnostics Root Cause Analysis Tools) - version 720, allows an administrator to execute code on all connected Diagnostics Agents and browse files on their systems. An attacker could thereby control the managed systems. It is considered that this is a missing segregation of duty for the SAP Solution Manager administrator. Impacts of unauthorized execution of commands can lead to sensitive information disclosure, loss of system integrity and denial of service.

Tag

#dos