CVE-2023-29468

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 14, 2023
Updated: Aug 22, 2023
CWE ID 120

Summary

CVE-2023-29468 is a vulnerability affecting the Texas Instruments (TI) WiLink WL18xx MCP driver. The issue lies in the lack of a limit on the number of information elements (IEs) of types XCC_EXT_1_IE_ID and XCC_EXT_2_IE_ID that can be parsed in a management frame. An attacker can exploit this vulnerability by crafting a specially formatted frame, resulting in a buffer overflow. This buffer overflow can potentially lead to remote code execution. The affected versions include WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share