Details of VAR-202208-0856

ID

VAR-202208-0856

CVE

CVE-2021-33847

TITLE

Buffer Error Vulnerability in Multiple Intel Products

Trust: 0.8

sources: JVNDB: JVNDB-2021-020177

DESCRIPTION

Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access. wi-fi 6 ax411 firmware, wi-fi 6 ax211 firmware, wi-fi 6 ax210 Multiple Intel products such as firmware contain a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2021-33847 // JVNDB: JVNDB-2021-020177

IOT TAXONOMY

category:

['network device']

sub_category:

bluetooth device

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	intel	model:	dual band wireless-ac 3165	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	killer wireless-ac 1550	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	dual band wireless-ac 8260	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wi-fi 6 ax210	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wi-fi 6 ax201	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wireless-ac 9560	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	killer wi-fi 6 ax1650	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	killer wi-fi 6e ax1675	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wi-fi 6 ax211	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wi-fi 6 ax411	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wireless-ac 9260	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wireless 7265	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wireless-ac 9461	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wi-fi 6 ax200	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	killer wi-fi 6e ax1690	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	dual band wireless-ac 3168	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	wireless-ac 9462	scope:	lt	version:	22.120	Trust: 1.0
vendor:	intel	model:	dual band wireless-ac 8265	scope:	lt	version:	22.120	Trust: 1.0
vendor:	インテル	model:	dual band wireless-ac 8260	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	killer wi-fi 6e ax1675	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	dual band wireless-ac 3165	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	killer wi-fi 6 ax1650	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wireless-ac 9462	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wireless-ac 9461	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wireless-ac 9560	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wi-fi 6 ax201	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wireless 7265	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	dual band wireless-ac 3168	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	dual band wireless-ac 8265	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wi-fi 6 ax210	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel wi-fi 6 ax200	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wi-fi 6 ax211	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wi-fi 6 ax411	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	killer wireless-ac 1550	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	killer wi-fi 6e ax1690	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	wireless-ac 9260	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-020177 // NVD: CVE-2021-33847

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-33847
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2021-33847
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-33847
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202208-2683
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2021-33847
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2021-33847
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2021-020177 // CNNVD: CNNVD-202208-2683 // NVD: CVE-2021-33847 // NVD: CVE-2021-33847

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.0
problemtype:	Buffer error (CWE-119) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-020177 // NVD: CVE-2021-33847

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2683

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202208-2683

PATCH

title:

Intel Wireless Bluetooth and Killer Bluetooth Buffer error vulnerability fix

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=205726

Trust: 0.6

sources: CNNVD: CNNVD-202208-2683

EXTERNAL IDS

db:	NVD	id:	CVE-2021-33847	Trust: 3.3
db:	JVN	id:	JVNVU99494206	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-020177	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.3961	Trust: 0.6
db:	CNNVD	id:	CNNVD-202208-2683	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2021-020177 // CNNVD: CNNVD-202208-2683 // NVD: CVE-2021-33847

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00628.html	Trust: 2.4
url:	https://jvn.jp/vu/jvnvu99494206/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33847	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2021-33847/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3961	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2021-020177 // CNNVD: CNNVD-202208-2683 // NVD: CVE-2021-33847

SOURCES

db:	OTHER	id:	-
db:	JVNDB	id:	JVNDB-2021-020177
db:	CNNVD	id:	CNNVD-202208-2683
db:	NVD	id:	CVE-2021-33847

LAST UPDATE DATE

2025-05-07T20:40:56.392000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2021-020177	date:	2023-09-25T08:47:00
db:	CNNVD	id:	CNNVD-202208-2683	date:	2022-08-29T00:00:00
db:	NVD	id:	CVE-2021-33847	date:	2025-05-05T17:17:25.557

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2021-020177	date:	2023-09-25T00:00:00
db:	CNNVD	id:	CNNVD-202208-2683	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2021-33847	date:	2022-08-18T20:15:09.587