Details of VAR-202011-0167

ID

VAR-202011-0167

CVE

CVE-2020-12322

TITLE

Intel(R) Wireless Bluetooth(R) Input confirmation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-013432

DESCRIPTION

Improper input validation in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Intel(R) Wireless Bluetooth(R) Is vulnerable to input validation.Denial of service (DoS) It may be put into a state

Trust: 1.62

sources: NVD: CVE-2020-12322 // JVNDB: JVNDB-2020-013432

IOT TAXONOMY

category:

['network device']

sub_category:

bluetooth device

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	intel	model:	wireless-ac 9462	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	wireless-ac 9461	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	wireless-ac 9260	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	dual band wireless-ac 3168	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	wi-fi 6 ax200	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	wi-fi 6 ax201	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	dual band wireless-ac 8260	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	dual band wireless-ac 3165	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	dual band wireless-ac 8265	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	wireless-ac 9560	scope:	lt	version:	21.110	Trust: 1.0
vendor:	intel	model:	wireless 7265 \	scope:	lt	version:	21.110	Trust: 1.0
vendor:	インテル	model:	intel wireless 7265	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wi-fi 6 ax201	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel dual band wireless-ac 3168	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wireless-ac 9260	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wireless-ac 9560	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel dual band wireless-ac 8265	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel dual band wireless-ac 8260	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wireless-ac 9462	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wireless-ac 9461	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wi-fi 6 ax200	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-013432 // NVD: CVE-2020-12322

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-12322
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-12322
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201911-1691
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2020-12322
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

nvd@nist.gov:	CVE-2020-12322
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2020-12322
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2020-013432 // CNNVD: CNNVD-201911-1691 // NVD: CVE-2020-12322

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.0
problemtype:	Incorrect input confirmation (CWE-20) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-013432 // NVD: CVE-2020-12322

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201911-1691

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201911-1691

PATCH

title:	INTEL-SA-00403	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403	Trust: 0.8
title:	Wire Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=134992	Trust: 0.6

sources: JVNDB: JVNDB-2020-013432 // CNNVD: CNNVD-201911-1691

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12322	Trust: 2.5
db:	JVN	id:	JVNVU98002571	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-013432	Trust: 0.8
db:	AUSCERT	id:	ESB-2020.3962	Trust: 0.6
db:	LENOVO	id:	LEN-45681	Trust: 0.6
db:	CNNVD	id:	CNNVD-201911-1691	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2020-013432 // CNNVD: CNNVD-201911-1691 // NVD: CVE-2020-12322

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12322	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu98002571/	Trust: 0.8
url:	https://vigilance.fr/vulnerability/intel-wireless-bluetooth-two-vulnerabilities-33902	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.3962/	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-45681	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2020-013432 // CNNVD: CNNVD-201911-1691 // NVD: CVE-2020-12322

SOURCES

db:	OTHER	id:	-
db:	JVNDB	id:	JVNDB-2020-013432
db:	CNNVD	id:	CNNVD-201911-1691
db:	NVD	id:	CVE-2020-12322

LAST UPDATE DATE

2025-01-30T20:07:50.598000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2020-013432	date:	2021-07-06T04:56:00
db:	CNNVD	id:	CNNVD-201911-1691	date:	2021-12-06T00:00:00
db:	NVD	id:	CVE-2020-12322	date:	2024-11-21T04:59:30.813

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2020-013432	date:	2021-07-06T00:00:00
db:	CNNVD	id:	CNNVD-201911-1691	date:	2019-11-10T00:00:00
db:	NVD	id:	CVE-2020-12322	date:	2020-11-12T18:15:14.597