CVE-2023-33875
📋 TL;DR
This vulnerability in Intel PROSet/Wireless and Killer Wi-Fi software allows unauthenticated local users to trigger denial of service conditions. It affects systems running vulnerable versions of these Intel wireless drivers and management software. The issue stems from improper access control that fails to restrict local user actions.
💻 Affected Systems
- Intel PROSet/Wireless Software
- Intel Killer Wi-Fi Software
📦 What is this software?
Killer by Intel
⚠️ Risk & Real-World Impact
Worst Case
Complete system instability or crash requiring reboot, potentially disrupting critical operations on affected systems.
Likely Case
Temporary Wi-Fi service disruption affecting connectivity until system restart or driver reload.
If Mitigated
Minimal impact with proper network segmentation and user privilege restrictions in place.
🎯 Exploit Status
Local access required, no authentication needed. Exploitation likely involves simple local commands or API calls.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 22.240 or later
Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html
Restart Required: Yes
Instructions:
1. Download Intel Driver & Support Assistant or visit Intel Download Center
2. Check for available driver updates for your wireless adapter
3. Install version 22.240 or newer
4. Restart system to complete installation
🔧 Temporary Workarounds
Restrict local user privileges
Windows: Limit standard user permissions to reduce attack surface
Disable vulnerable services
Windows: Temporarily disable Intel wireless management services if not needed
sc stop "Intel(R) Wireless Bluetooth(R)"
sc config "Intel(R) Wireless Bluetooth(R)" start= disabled
🧯 If You Can't Patch
- Implement strict network segmentation to limit lateral movement
- Apply principle of least privilege to all user accounts
🔍 How to Verify
Check if Vulnerable:
Check Intel PROSet/Wireless version in Control Panel > Programs and Features or via Device Manager > Network adapters > Intel wireless adapter > Driver tab
Check Version:
wmic path win32_pnpsigneddriver where "DeviceName like '%Intel%Wireless%'" get DeviceName, DriverVersion
Verify Fix Applied:
Verify the installed version is 22.240 or higher using the same method
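A scripted form of the version check above, as an added example (not from Intel's advisory or this page's original text). It assumes the driver version Windows reports for the adapter tracks the 22.240 fixed version given on this page; the function names and device-name patterns are illustrative.

```powershell
# Added example. The 22.240 threshold is the fixed version stated on this page.
$FixedVersion = [version]'22.240'

function Test-IntelWifiDriverPatched {
    param([string]$DriverVersion, [version]$Minimum = $FixedVersion)
    $parsed = $null
    # Empty or unparseable versions return $null so they get reviewed by hand.
    if (-not [version]::TryParse($DriverVersion, [ref]$parsed)) { return $null }
    # [version] compares each component numerically, so 22.30 sorts below 22.240;
    # a plain string comparison would get that wrong.
    return $parsed -ge $Minimum
}

function Get-IntelWifiDriverStatus {
    # Assumption: affected adapters are network-class devices whose name
    # contains Intel or Killer together with Wireless or Wi-Fi.
    Get-CimInstance -ClassName Win32_PnPSignedDriver -Filter "DeviceClass = 'NET'" |
        Where-Object {
            $_.DeviceName -match 'Intel|Killer' -and $_.DeviceName -match 'Wireless|Wi-Fi'
        } |
        ForEach-Object {
            [pscustomobject]@{
                ComputerName  = $env:COMPUTERNAME
                DeviceName    = $_.DeviceName
                DriverVersion = $_.DriverVersion
                Patched       = Test-IntelWifiDriverPatched -DriverVersion $_.DriverVersion
            }
        }
}

# Constructed sample versions (not taken from the advisory) to show the comparison,
# including an empty value as an inventory tool might return for a missing driver.
foreach ($v in '22.240.0.6', '22.230.0.8', '22.30.0.11', '') {
    '{0,-12} patched={1}' -f $v, (Test-IntelWifiDriverPatched -DriverVersion $v)
}

# On a Windows host: list the local Intel/Killer wireless adapters and their status.
Get-IntelWifiDriverStatus | Format-Table -AutoSize
```

Rows where Patched is empty rather than True or False had no parseable driver version and should be checked manually in Device Manager.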
📡 Detection & Monitoring
Log Indicators:
- Unexpected service crashes of Intel wireless services
- Access denied errors in application logs related to wireless services
- Multiple failed privilege escalation attempts
Network Indicators:
- Sudden Wi-Fi disconnections on multiple systems
- Unusual local network traffic to wireless service ports
SIEM Query:
EventID=7034 OR EventID=6008 | where ServiceName contains "Intel" and ServiceName contains "Wireless"