CVE-2019-6496

Published: Jan 20, 2019Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.

Affected (5)

Products: Marvell: 88w8787 Firmware, 88w8797 Firmware, 88w8801 Firmware, 88w8897 Firmware, 88w8997 Firmware

5 products

88w8787 Firmware

88w8797 Firmware

88w8801 Firmware

88w8897 Firmware

88w8997 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Marvell 88w8787 Firmware	All versions

Running on/with	Platform Versions
Marvell 88w8787	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Marvell 88w8797 Firmware	All versions

Running on/with	Platform Versions
Marvell 88w8797	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Marvell 88w8801 Firmware	All versions

Running on/with	Platform Versions
Marvell 88w8801	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Marvell 88w8897 Firmware	All versions

Running on/with	Platform Versions
Marvell 88w8897	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Marvell 88w8997 Firmware	All versions

Running on/with	Platform Versions
Marvell 88w8997	All versions

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (14)

http://www.securityfocus.com/bid/106865

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://2018.zeronights.ru/wp-content/uploads/materials/19-Researching-Marvell-Avastar-Wi-Fi.pdf

Source: cve@mitre.org

ExploitThird Party Advisory

https://embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce/

Source: cve@mitre.org

Third Party Advisory

https://www.kb.cert.org/vuls/id/730261/

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

https://www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement

Source: cve@mitre.org

Third Party Advisory

https://www.synology.com/security/advisory/Synology_SA_19_07

Source: cve@mitre.org

Third Party Advisory

https://www.zdnet.com/article/wifi-firmware-bug-affects-laptops-smartphones-routers-gaming-devices/

Source: cve@mitre.org

ExploitPress/Media CoverageThird Party Advisory

http://www.securityfocus.com/bid/106865

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://2018.zeronights.ru/wp-content/uploads/materials/19-Researching-Marvell-Avastar-Wi-Fi.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.kb.cert.org/vuls/id/730261/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.synology.com/security/advisory/Synology_SA_19_07

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.zdnet.com/article/wifi-firmware-bug-affects-laptops-smartphones-routers-gaming-devices/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPress/Media CoverageThird Party Advisory

Timeline

No history available yet.