CVE-2019-6496
 
Public Exploits: 2
Exploited in Wild: -
Descriptions
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.
Timeline
- 2019-01-19 CVE Reserved
- 2019-01-19 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2024-11-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
References (7)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/106865 | Third Party Advisory | |
https://embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce | Third Party Advisory | |
https://www.kb.cert.org/vuls/id/730261 | Third Party Advisory | |
https://www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement | Third Party Advisory | |
https://www.synology.com/security/advisory/Synology_SA_19_07 | Third Party Advisory | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Marvell | 88w8787 Firmware | - | - | Affected | in | Marvell | 88w8787 | - | - | Safe |
Marvell | 88w8797 Firmware | - | - | Affected | in | Marvell | 88w8797 | - | - | Safe |
Marvell | 88w8801 Firmware | - | - | Affected | in | Marvell | 88w8801 | - | - | Safe |
Marvell | 88w8897 Firmware | - | - | Affected | in | Marvell | 88w8897 | - | - | Safe |
Marvell | 88w8997 Firmware | - | - | Affected | in | Marvell | 88w8997 | - | - | Safe |