CVE-2021-23168 is a vulnerability identified in certain Intel PROSet/Wireless WiFi and Killer WiFi products. The issue is classified as an out-of-bounds read (CWE-125), which occurs when the software reads data outside the boundaries of allocated memory buffers. This flaw can be triggered by an unauthenticated attacker who is adjacent to the vulnerable device, meaning they are within wireless communication range. Exploiting this vulnerability could lead to a denial of service (DoS) condition, where the affected WiFi device or driver crashes or becomes unresponsive, disrupting network connectivity. The vulnerability does not impact confidentiality or integrity directly but affects availability by causing service interruptions. The CVSS v3.1 base score is 6.5 (medium severity), with the vector AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H indicating that the attack requires adjacent network access, low attack complexity, no privileges or user interaction, and results in high impact on availability. No known exploits are reported in the wild, and no patches are linked in the provided data, though it is likely that Intel has addressed this in updates. The vulnerability affects wireless network drivers and software components that manage WiFi connectivity on devices using Intel PROSet/Wireless and Killer WiFi products, which are commonly integrated into laptops, desktops, and other wireless-enabled devices.

For European organizations, this vulnerability poses a risk primarily to the availability of wireless network services. Enterprises relying on Intel PROSet/Wireless or Killer WiFi adapters in their endpoint devices could experience network disruptions if an attacker within wireless range exploits this flaw. This could impact business continuity, especially in environments where wireless connectivity is critical, such as offices, manufacturing floors, or public access points. Although the vulnerability does not compromise data confidentiality or integrity, denial of service attacks can degrade operational efficiency and potentially cause cascading effects if critical systems lose network access. Given the requirement for adjacent access, the threat is more relevant in densely populated or public environments where attackers can physically approach targets. Remote exploitation is not feasible, limiting the scope to local attackers or insiders. The absence of known exploits reduces immediate risk but does not eliminate the potential for future attacks.

Organizations should ensure that all devices using Intel PROSet/Wireless and Killer WiFi products are updated with the latest drivers and firmware provided by Intel or device manufacturers, as patches addressing this vulnerability are likely available beyond the provided data. Network administrators should implement wireless network segmentation and monitoring to detect unusual activity or repeated connection attempts that could indicate exploitation attempts. Limiting physical access to sensitive areas and enforcing strong wireless security policies (e.g., WPA3, network access control) can reduce the risk of adjacent attackers. Additionally, organizations should consider deploying intrusion detection systems capable of monitoring wireless traffic anomalies. Endpoint security solutions should be configured to alert on driver crashes or network interface failures that may result from exploitation attempts. Finally, educating staff about the risks of connecting to untrusted wireless networks and maintaining physical security around wireless infrastructure can further mitigate exposure.