Intel ID:	INTEL-SA-00188
Advisory Category:	Software
Impact of vulnerability:	Escalation of Privilege, Denial of Service, Information Disclosure
Original release:	11/13/2018
Last revised:	11/13/2018

Summary:

Multiple potential security vulnerabilities in Cisco Compatible eXtensions (CCX) component in Intel® PROSet/Wireless WiFi Software may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing PROSet/Wireless WiFi Software updates to mitigate this potential vulnerability.

Vulnerability Details:

Due to vulnerabilities in OpenSSL version 0.9.8e compiled into the Cisco Compatible eXtensions (CCX) component, which is part of the Intel® PROSet/Wireless WiFi Software, Intel is announcing End-of-Life (EOL) support for CCX. The CCX component has been removed from the Intel® PROSet/Wireless WiFi Software v20.90.0.7 for Microsoft Windows* 7, 8.1 and 10.

Affected Products:

Intel® PROSet/Wireless WiFi Software prior to version 20.90.

Recommendations:

Intel recommends that users of Intel® PROSet/Wireless WiFi Software update to 20.90 or later.

Updates are available for download at this location: https://downloadcenter.intel.com/pro...ess-Networking

Acknowledgements:

Intel would like to thank Huawei for reporting this issue and working with us on coordinated disclosure.

Revision History

Revision	Date	Description
1.0	11/13/2018	Initial Release

Source: INTEL-SA-00188

Posted By: Brink
13 Nov 2018