CVE-2024-25563 - Vulnerability Details

Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00084.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Intel Subscribe	Killer Subscribe Killer Wi-fi 6 Ax1650 Subscribe Killer Wi-fi 6e Ax1675 Subscribe Killer Wi-fi 6e Ax1690 Subscribe Killer Wi-fi 7 Be1750 Subscribe Proset\/wireless Wifi Subscribe Wi-fi 6 Ax200 Subscribe Wi-fi 6 Ax201 Subscribe Wi-fi 6e Ax210 Subscribe Wi-fi 6e Ax211 Subscribe Wi-fi 6e Ax411 Subscribe Wi-fi 7 Be200 Subscribe Wireless-ac 9260 Subscribe Wireless-ac 9560 Subscribe

Configuration 1 [-]

AND

OR	cpe:2.3:a:intel:killer::::::::
	cpe:2.3:a:intel:proset\/wireless_wifi::::::::

OR	cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:::::::*
	cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:::::::*
	cpe:2.3:h:intel:killer_wi-fi_6e_ax1690:-:::::::*
	cpe:2.3:h:intel:killer_wi-fi_7_be1750:-:::::::*
	cpe:2.3:h:intel:wi-fi_6_ax200:-:::::::*
	cpe:2.3:h:intel:wi-fi_6_ax201:-:::::::*
	cpe:2.3:h:intel:wi-fi_6e_ax210:-:::::::*
	cpe:2.3:h:intel:wi-fi_6e_ax211:-:::::::*
	cpe:2.3:h:intel:wi-fi_6e_ax411:-:::::::*
	cpe:2.3:h:intel:wi-fi_7_be200:-:::::::*
	cpe:2.3:h:intel:wireless-ac_9260:-:::::::*
	cpe:2.3:h:intel:wireless-ac_9560:-:::::::*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-22891	Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01108.html

History

Tue, 30 Sep 2025 00:00:00 +0900

Type	Values Removed	Values Added
First Time appeared		Intel Intel killer Intel killer Wi-fi 6 Ax1650 Intel killer Wi-fi 6e Ax1675 Intel killer Wi-fi 6e Ax1690 Intel killer Wi-fi 7 Be1750 Intel proset\/wireless Wifi Intel wi-fi 6 Ax200 Intel wi-fi 6 Ax201 Intel wi-fi 6e Ax210 Intel wi-fi 6e Ax211 Intel wi-fi 6e Ax411 Intel wi-fi 7 Be200 Intel wireless-ac 9260 Intel wireless-ac 9560
CPEs		cpe:2.3:a:intel:killer:::::::: cpe:2.3:a:intel:proset\/wireless_wifi:::::::: cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:::::::* cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:::::::* cpe:2.3:h:intel:killer_wi-fi_6e_ax1690:-:::::::* cpe:2.3:h:intel:killer_wi-fi_7_be1750:-:::::::* cpe:2.3:h:intel:wi-fi_6_ax200:-:::::::* cpe:2.3:h:intel:wi-fi_6_ax201:-:::::::* cpe:2.3:h:intel:wi-fi_6e_ax210:-:::::::* cpe:2.3:h:intel:wi-fi_6e_ax211:-:::::::* cpe:2.3:h:intel:wi-fi_6e_ax411:-:::::::* cpe:2.3:h:intel:wi-fi_7_be200:-:::::::* cpe:2.3:h:intel:wireless-ac_9260:-:::::::* cpe:2.3:h:intel:wireless-ac_9560:-:::::::*
Vendors & Products		Intel Intel killer Intel killer Wi-fi 6 Ax1650 Intel killer Wi-fi 6e Ax1675 Intel killer Wi-fi 6e Ax1690 Intel killer Wi-fi 7 Be1750 Intel proset\/wireless Wifi Intel wi-fi 6 Ax200 Intel wi-fi 6 Ax201 Intel wi-fi 6e Ax210 Intel wi-fi 6e Ax211 Intel wi-fi 6e Ax411 Intel wi-fi 7 Be200 Intel wireless-ac 9260 Intel wireless-ac 9560

Fri, 15 Nov 2024 05:15:00 +0900

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 14 Nov 2024 06:15:00 +0900

Type	Values Removed	Values Added
Description		Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.
Weaknesses		CWE-665
References		https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01108.html
Metrics		cvssV3_1 `{'score': 3.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N'}` cvssV4_0 `{'score': 4.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2024-11-13T21:02:46.527Z

Updated: 2024-11-14T19:47:41.889Z

Reserved: 2024-03-01T04:00:12.599Z

Link: CVE-2024-25563

Vulnrichment

Updated: 2024-11-14T15:10:21.387Z

NVD

Status : Analyzed

Published: 2024-11-13T21:15:12.193

Modified: 2025-09-29T14:45:36.223

Link: CVE-2024-25563

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-665

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object