Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-6496

The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.

Published

2019-01-20T20:29:00.917

Last Modified

2024-11-21T04:46:33.307

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 8.8 (HIGH)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:C/I:C/A:C

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

6.5

Impact Score

10.0

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	marvell	88w8787_firmware	-	Yes
Hardware	marvell	88w8787	-	No
Operating System	marvell	88w8797_firmware	-	Yes
Hardware	marvell	88w8797	-	No
Operating System	marvell	88w8801_firmware	-	Yes
Hardware	marvell	88w8801	-	No
Operating System	marvell	88w8897_firmware	-	Yes
Hardware	marvell	88w8897	-	No
Operating System	marvell	88w8997_firmware	-	Yes
Hardware	marvell	88w8997	-	No

References

http://www.securityfocus.com/bid/106865 Third Party Advisory, VDB Entry ([email protected])
https://2018.zeronights.ru/wp-content/uploads/materials/19-Researching-Marvell-Avastar-Wi-Fi.pdf Exploit, Third Party Advisory ([email protected])
https://embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce/ Third Party Advisory ([email protected])
https://www.kb.cert.org/vuls/id/730261/ Third Party Advisory, US Government Resource ([email protected])
https://www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement Third Party Advisory ([email protected])
https://www.synology.com/security/advisory/Synology_SA_19_07 Third Party Advisory ([email protected])
https://www.zdnet.com/article/wifi-firmware-bug-affects-laptops-smartphones-routers-gaming-devices/ Exploit, Press/Media Coverage, Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/106865 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://2018.zeronights.ru/wp-content/uploads/materials/19-Researching-Marvell-Avastar-Wi-Fi.pdf Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/730261/ Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.synology.com/security/advisory/Synology_SA_19_07 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.zdnet.com/article/wifi-firmware-bug-affects-laptops-smartphones-routers-gaming-devices/ Exploit, Press/Media Coverage, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)