Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-29468

The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.

CVE
#rce#pdf#buffer_overflow#wifi

%PDF-1.4 %���� 2 0 obj <>stream x��<ێc7���+��vt��(���k�� ��n`�x’��V%� �`�~ū�c����!H�,�BQ$E���W����>�����#��5�c�⚶c��/�}}�n�⯏���7�ݭ��}�vy��~��G���7�����e��w������c��w�oPY]��������u8�i��> �Q�}�����/���}\,q^�#�|�e"���Ε5�cmE( �#m0)S������:���a�SsO}�:��{]���S�z=�ö� ��P磝c^�Hŭq;&��w��󧿍�Y��]��;�|,���[�k���Z��ƣۀ����3mւ�}9ּD�w ��_���.~�������!�?���i�PWO͡N�-��%C��(.c�އ���p�3�"��’tj�r(��W�W�43!�b�Pd�:w����B��bD(5l�����jJ�^��[�3{��w�30=�˰��1t��$�k#rҋ]b�bB����!�Fd�,B 7刽I�� ����aD’.�h=����Ē�4uF�L��yN5l��+]:�>�d�I=\/8����I\a��^z;b A����C�{�p�7�� >�.0z���}��~�$J(fU�Cp��� ya9N�C�r%~���A��>��s� U G&’|(&��"��4�I�HCC2G��iM� )��XX�’�kV(Lm,��C BQ�zWZ�S��&���D�\b��$s��ӎ����ۥo�����j��q[z7Pu+�y���5��އ�}�#e:��I��H!8���<ԹՁ�x��n18%��fV�-��m`o\&wΉ�xО�~��n����Bk/A,���E$�K�� �4wKvI����{)�$�^`�63,T2H0Lʝԓ@��e�\�e��v�ȭc�m�5�Yw�!D�]ṗH�X�d�B�2L�L��V��ٌ˪�’��L � ����.�� ����M�`�!z���ʸs�(%�����v ��yI|��z�4�@@�/+�t��8;�TQ;�ɺU�]�p�AD������!����� #_�A�$��h�#�"�(��l�P*�Չn8h�Rĉ�k��%��[qG��9D��#��+���ds�tE*d�6�hD���̣�"�cD�(߭�,Ē�ϖ�Ψ6��WzA��[���+ �nwÆ;�pyQ�X/+s��Lt�@)�>�s���B�r�@Z��� �Ќ���� ��A�*�"���)2�h��$�I�V�*� +����(=Ū���ܡ��y-}H;�XD�De������qͭԣC�.1*Ά3!���� �.�L�#��F�’v�Vt3����u��o’�D�%� �P-�G���%P�L��$۵��Ƥ�Ќ��A*�������9�&� 8�0z@�e�nH�9@�$|!�L�6�Br�u�,�Q�Al�Hln bʞL�J�O��~�pEK��G.G2���]u`��7�dъ���+ �Nw֝��J�X�A /n9�鋀r��!�3(*���r�u�9 '�DzX�� �NE݋Y�/*����?9)����

Related news

Ford says it’s safe to drive its cars with a WiFi vulnerability

Categories: Exploits and vulnerabilities Categories: News Tags: Ford Tags: Lincoln Tags: SYNC 3 Tags: CVE-2023-29468 Tags: TI WLink Tags: MCP driver A vulnerability in the SYNC 3 infotainment will not have a negative effect on driving safety, says Ford. (Read more...) The post Ford says it’s safe to drive its cars with a WiFi vulnerability appeared first on Malwarebytes Labs.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907