Lucene search

[email protected]CVE-2019-6496

HistoryJan 20, 2019 - 8:29 p.m.

CVE-2019-6496

2019-01-2020:29:00

CWE-787

[email protected]

web.nvd.nist.gov

cve-2019-6496

threadx

marvell avastar

wi-fi devices

remote code execution

denial of service

nvd

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.7%

JSON

The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.

Affected configurations

NVD

Node

marvell88w8787_firmwareMatch-

AND

marvell88w8787Match-

Node

marvell88w8797_firmwareMatch-

AND

marvell88w8797Match-

Node

marvell88w8801_firmwareMatch-

AND

marvell88w8801Match-

Node

marvell88w8897_firmwareMatch-

AND

marvell88w8897Match-

Node

marvell88w8997_firmwareMatch-

AND

marvell88w8997Match-

CPENameOperatorVersion
marvell:88w8787_firmwaremarvell 88w8787 firmwareeq-

CPE	Name	Operator	Version
marvell:88w8787_firmware	marvell 88w8787 firmware	eq	-

References

www.securityfocus.com/bid/106865

2018.zeronights.ru/wp-content/uploads/materials/19-Researching-Marvell-Avastar-Wi-Fi.pdf

embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce/

www.kb.cert.org/vuls/id/730261/

www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement

www.synology.com/security/advisory/Synology_SA_19_07

www.zdnet.com/article/wifi-firmware-bug-affects-laptops-smartphones-routers-gaming-devices/

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.7%

JSON

Related for CVE-2019-6496

cert1 nvd1 prion1 cvelist1