Vulnerabilities > CVE-2019-9501 - Out-of-bounds Write vulnerability in multiple products

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

synology

broadcom

CWE-787

NVD

Published: 2020-02-03

Updated: 2020-02-10

Summary

The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

Vulnerable Configurations

Part	Description	Count
Application	Synology Synology Router Manager 1.2	1
OS	Broadcom Broadcom Bcm4339 Firmware -	1
Hardware	Broadcom Broadcom Bcm4339 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References