The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and previous versions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ti wilink8-wifi-mcp8 8.5 |
||
ti wilink8-wifi-mcp8 |