Key Information Summary Vulnerability Overview Intel ID: INTEL-SA-01276 Category: Firmware Impact: Denial of Service Severity Rating: High Original Release Date: May 13, 2023 Last Updated Date: May 13, 2023 Vulnerability Details CVE-2025-20046: After using the free Intel® PROSet/Wireless WiFi software, Windows versions prior to 23.100 may allow unauthorized users to potentially enable denial of service via local access. CVE-2025-20033: Improper input validation in some Intel® PROSet/Wireless WiFi software for Windows versions prior to 23.100 may allow privileged users to potentially enable denial of service via local access. CVE-2025-20038: Stack buffer overflow in some Intel® PROSet/Wireless WiFi software for Windows versions prior to 23.100 may allow privileged users to potentially enable denial of service via local access. CVE-2025-20090: After using the free Intel® PROSet/Wireless WiFi software, Windows versions prior to 23.100 may allow unauthorized users to potentially enable denial of service via local access. CVE-2025-20039: Specific conditions in Intel® PROSet/Wireless WiFi software may allow unauthorized users to potentially enable denial of service via local access. CVE-2025-20036: Out-of-bounds read in Intel® PROSet/Wireless WiFi software for Windows versions prior to 23.100 may allow unauthorized users to potentially enable denial of service via local access. CVE-2025-20035: After using the free Intel® PROSet/Wireless WiFi software, Windows versions prior to 23.100 may allow unauthorized users to potentially enable denial of service via local access. Affected Products Multiple Intel Wi-Fi and Intel AX products are affected, including AX200, AX210, AX211, AX201, BE200, BE201, BE202, AX101, AX203, etc. Recommended Actions Intel recommends upgrading the Intel® Wireless Wi-Fi driver to version 23.100 or higher. A download link is provided to obtain the updated driver. Additional Information The vulnerabilities were internally discovered by Intel employees. Intel follows a coordinated disclosure policy, and vulnerability details are only disclosed after patches are available.