CVE-2024-28049 – This vulnerability allows an unauthenticated at... (How to Fix)

Q: What is the severity of CVE-2024-28049?

CVE-2024-28049 has a CVSS score of 5.7 (MEDIUM). This vulnerability allows an unauthenticated attacker on the same network to cause denial of service by sending specially crafted packets to affected Intel Wi-Fi adapters. It affects systems with Intel PROSet/Wireless or Killer Wi-Fi software before version 23.40.

📋 TL;DR

This vulnerability allows an unauthenticated attacker on the same network to cause denial of service by sending specially crafted packets to affected Intel Wi-Fi adapters. It affects systems with Intel PROSet/Wireless or Killer Wi-Fi software before version 23.40.

💻 Affected Systems

Products:

Intel PROSet/Wireless Software
Intel Killer Wi-Fi Software

Versions: All versions before 23.40

Operating Systems: Windows, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with vulnerable Intel Wi-Fi adapters and the associated driver/software stack.

📦 What is this software?

Killer by Intel

View all CVEs affecting Killer →

Proset\/wireless Wifi by Intel

View all CVEs affecting Proset\/wireless Wifi →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete disruption of Wi-Fi connectivity on affected systems, requiring physical intervention or reboot to restore functionality.

🟠

Likely Case

Temporary Wi-Fi disconnection or degraded performance on vulnerable systems when targeted by malicious adjacent network traffic.

🟢

If Mitigated

No impact if systems are patched or isolated from untrusted networks.

🌐 Internet-Facing: LOW - Requires adjacent network access, not directly exploitable from the internet.

🏢 Internal Only: MEDIUM - Exploitable by any device on the same local network segment, including guest networks and shared office spaces.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires adjacent network access but no authentication. The advisory suggests the attack is relatively straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 23.40 or later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01108.html

Restart Required: Yes

Instructions:

1. Download Intel Driver & Support Assistant from Intel website. 2. Run the tool to detect affected drivers. 3. Follow prompts to update to version 23.40 or later. 4. Restart the system.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate vulnerable systems from untrusted network segments using VLANs or firewall rules.

Disable Vulnerable Adapter

windows

Temporarily disable the Intel Wi-Fi adapter if not needed, using wired Ethernet instead.

netsh interface set interface "Wi-Fi" admin=disable

🧯 If You Can't Patch

Implement strict network access controls to limit adjacent device communication
Monitor for unusual Wi-Fi disconnection patterns and network traffic anomalies

🔍 How to Verify

Check if Vulnerable:

Check Intel Driver & Support Assistant or Device Manager for Wi-Fi driver version. If version is below 23.40, system is vulnerable.

Check Version:

wmic path win32_pnpsigneddriver where "devicename like '%wireless%'" get devicename, driverversion

Verify Fix Applied:

Confirm Wi-Fi driver version is 23.40 or higher in Device Manager or using Intel's tools.

📡 Detection & Monitoring

Log Indicators:

Multiple Wi-Fi adapter resets
Driver crash events in system logs
Unexpected network disconnections

Network Indicators:

Unusual broadcast/multicast traffic targeting Wi-Fi MAC addresses
Suspicious adjacent network scanning

SIEM Query:

EventID=1001 OR EventID=6008 OR (Source="Intel" AND EventText CONTAINS "wireless" AND EventText CONTAINS "error")

📊 Metadata

CVE ID: CVE-2024-28049

CVSS v3 Score: 5.7 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE: CWE-20

Published: November 13, 2024

Last Updated: September 29, 2025

🔗 References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01108.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-28049, you might also want to check these: