CVE-2023-29468
published 2023-08-14CVE-2023-29468: The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
10.08%
95.1th percentile
The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ti | wilink8-wifi-mcp8 | < 8.5 | 8.5 |
| ti | wilink8-wifi-mcp8 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Trigger condition: a specially crafted Wi-Fi management frame containing an excessive number of IEs of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID can overflow a buffer in the TI WiLink WL18xx MCP driver, potentially leading to remote code execution ↗
- ·Vulnerability affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier; versions after 8.5_SP3 are not listed as affected ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
2023-08-14
Published