Описание
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
- Third Party Advisory
- ExploitPress/Media CoverageThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
- Third Party Advisory
- ExploitPress/Media CoverageThird Party Advisory
Уязвимые конфигурации
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
EPSS
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
Связанные уязвимости
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.
EPSS
8.8 High
CVSS3
8.3 High
CVSS2