ID

VAR-202208-0855


CVE

CVE-2021-26257


TITLE

Buffer Error Vulnerability in Multiple Intel Products

Trust: 0.8

sources: JVNDB: JVNDB-2021-020192

DESCRIPTION

Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access. wi-fi 6 ax411 firmware, wi-fi 6 ax211 firmware, wi-fi 6 ax210 Multiple Intel products such as firmware contain a buffer error vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-26257 // JVNDB: JVNDB-2021-020192 // VULMON: CVE-2021-26257

IOT TAXONOMY

category:['network device']sub_category:bluetooth device

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:intelmodel:dual band wireless-ac 3165scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:killer wireless-ac 1550scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:dual band wireless-ac 8260scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wi-fi 6 ax210scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wi-fi 6 ax201scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wireless-ac 9560scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:killer wi-fi 6 ax1650scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:killer wi-fi 6e ax1675scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wi-fi 6 ax211scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wi-fi 6 ax411scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wireless-ac 9260scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wireless 7265scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wireless-ac 9461scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wi-fi 6 ax200scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:killer wi-fi 6e ax1690scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:dual band wireless-ac 3168scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:wireless-ac 9462scope:ltversion:22.120

Trust: 1.0

vendor:intelmodel:dual band wireless-ac 8265scope:ltversion:22.120

Trust: 1.0

vendor:インテルmodel:wi-fi 6 ax411scope: - version: -

Trust: 0.8

vendor:インテルmodel:dual band wireless-ac 3165scope: - version: -

Trust: 0.8

vendor:インテルmodel:wi-fi 6 ax211scope: - version: -

Trust: 0.8

vendor:インテルmodel:dual band wireless-ac 8260scope: - version: -

Trust: 0.8

vendor:インテルmodel:dual band wireless-ac 3168scope: - version: -

Trust: 0.8

vendor:インテルmodel:wi-fi 6 ax210scope: - version: -

Trust: 0.8

vendor:インテルmodel:killer wi-fi 6 ax1650scope: - version: -

Trust: 0.8

vendor:インテルmodel:wireless-ac 9260scope: - version: -

Trust: 0.8

vendor:インテルmodel:wireless-ac 9462scope: - version: -

Trust: 0.8

vendor:インテルmodel:killer wi-fi 6e ax1690scope: - version: -

Trust: 0.8

vendor:インテルmodel:wireless 7265scope: - version: -

Trust: 0.8

vendor:インテルmodel:dual band wireless-ac 8265scope: - version: -

Trust: 0.8

vendor:インテルmodel:killer wi-fi 6e ax1675scope: - version: -

Trust: 0.8

vendor:インテルmodel:intel wi-fi 6 ax200scope: - version: -

Trust: 0.8

vendor:インテルmodel:killer wireless-ac 1550scope: - version: -

Trust: 0.8

vendor:インテルmodel:wireless-ac 9560scope: - version: -

Trust: 0.8

vendor:インテルmodel:intel wi-fi 6 ax201scope: - version: -

Trust: 0.8

vendor:インテルmodel:wireless-ac 9461scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-020192 // NVD: CVE-2021-26257

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-26257
value: MEDIUM

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2021-26257
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-26257
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202208-2681
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2021-26257
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2021-26257
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-020192 // CNNVD: CNNVD-202208-2681 // NVD: CVE-2021-26257 // NVD: CVE-2021-26257

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:Buffer error (CWE-119) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-020192 // NVD: CVE-2021-26257

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2681

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202208-2681

PATCH

title:Intel Wireless Bluetooth and Killer Bluetooth Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=205725

Trust: 0.6

sources: CNNVD: CNNVD-202208-2681

EXTERNAL IDS

db:NVDid:CVE-2021-26257

Trust: 3.4

db:JVNid:JVNVU99494206

Trust: 0.8

db:JVNDBid:JVNDB-2021-020192

Trust: 0.8

db:AUSCERTid:ESB-2022.3961

Trust: 0.6

db:CNNVDid:CNNVD-202208-2681

Trust: 0.6

db:OTHERid:NONE

Trust: 0.1

db:VULMONid:CVE-2021-26257

Trust: 0.1

sources: OTHER: None // VULMON: CVE-2021-26257 // JVNDB: JVNDB-2021-020192 // CNNVD: CNNVD-202208-2681 // NVD: CVE-2021-26257

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html

Trust: 2.5

url:https://jvn.jp/vu/jvnvu99494206/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-26257

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2021-26257/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3961

Trust: 0.6

url:https://ieeexplore.ieee.org/abstract/document/10769424

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: OTHER: None // VULMON: CVE-2021-26257 // JVNDB: JVNDB-2021-020192 // CNNVD: CNNVD-202208-2681 // NVD: CVE-2021-26257

SOURCES

db:OTHERid: -
db:VULMONid:CVE-2021-26257
db:JVNDBid:JVNDB-2021-020192
db:CNNVDid:CNNVD-202208-2681
db:NVDid:CVE-2021-26257

LAST UPDATE DATE

2025-05-07T19:54:24.678000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-26257date:2022-08-19T00:00:00
db:JVNDBid:JVNDB-2021-020192date:2023-09-26T08:28:00
db:CNNVDid:CNNVD-202208-2681date:2022-08-29T00:00:00
db:NVDid:CVE-2021-26257date:2025-05-05T17:17:02.080

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-26257date:2022-08-18T00:00:00
db:JVNDBid:JVNDB-2021-020192date:2023-09-26T00:00:00
db:CNNVDid:CNNVD-202208-2681date:2022-08-10T00:00:00
db:NVDid:CVE-2021-26257date:2022-08-18T20:15:09.367