Lucene search

K
certCERTVU:166939
HistoryApr 17, 2019 - 12:00 a.m.

Broadcom WiFi chipset drivers contain multiple vulnerabilities

2019-04-1700:00:00
www.kb.cert.org
358

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

80.1%

Overview

The Broadcom wl driver and the open-source brcmfmac driver for Broadcom WiFi chipsets contain multiple vulnerabilities. The Broadcom wl driver is vulnerable to two heap buffer overflows, and the open-source brcmfmac driver is vulnerable to a frame validation bypass and a heap buffer overflow.

Description

Quarkslab has researched and reported multiple vulnerabilities affecting Broadcom WiFi drivers.

Vulnerabilities in the open source**brcmfmac**** driver:**
CVE-2019-9503: If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed.

CVE-2019-9500: If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with the above frame validation bypass, can be used remotely.

NOTE: The brcmfmac driver only works with Broadcom FullMAC chipsets.

Vulnerabilities in the Broadcom**wl**** driver:**
Two heap buffer overflows can be triggered in the client when parsing an EAPOL message 3 during the 4-way handshake from the access point (AP).

CVE-2019-9501: By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol.

CVE-2019-9502: If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk.

NOTE: When the wl driver is used with SoftMAC chipsets, these vulnerabilities are triggered in the host’s kernel. When a FullMAC chipset is being used, these vulnerabilities would be triggered in the chipset’s firmware.


Impact

In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, these vulnerabilities will result in denial-of-service conditions.


Solution

Apply Patches

The brcmfmac driver has been patched to address these vulnerabilities.


The following workarounds can help mitigate this and other WiFi vulnerabilities:

Use Trusted Wifi
Only use WiFi networks that you trust.


Vendor Information

166939

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Apple Affected

Notified: January 11, 2019 Updated: April 12, 2019

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Broadcom Affected

Notified: January 11, 2019 Updated: April 12, 2019

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Synology __ Affected

Notified: April 09, 2019 Updated: April 23, 2019

Statement Date: April 18, 2019

Status

Affected

Vendor Statement

Please note that RT1900ac [1] employs wpa_supplicant' for EAPOL handshakes instead of broadcom-sta’ by default, but administrators are capable of force enabling the proprietary driver. Hence, Synology considers this vulnerability has limited impact on RT1900ac. For the “brcmfmac” concern, RT1900ac is not affected as it employs Broadcom proprietary driver instead of the open source version.

[1] <https://www.synology.com/products/RT1900ac&gt;

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Aruba Networks Not Affected

Notified: April 09, 2019 Updated: April 19, 2019

Statement Date: April 16, 2019

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Brocade Communication Systems __ Not Affected

Notified: April 09, 2019 Updated: April 19, 2019

Statement Date: April 18, 2019

Status

Not Affected

Vendor Statement

No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by these vulnerabilities.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cisco __ Not Affected

Notified: April 09, 2019 Updated: April 19, 2019

Statement Date: April 18, 2019

Status

Not Affected

Vendor Statement

Cisco has evaluated these vulnerabilities and confirmed that no Cisco products are impacted. This assessment is valid for all Cisco enterprise products and Cisco Small Business products.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Extreme Networks __ Not Affected

Notified: April 09, 2019 Updated: April 12, 2019

Statement Date: April 12, 2019

Status

Not Affected

Vendor Statement

For VU#166939, WiNG wireless products from Extreme Networks, Inc. are not affected because we do not use the affected chipsets or drivers.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

LANCOM Systems GmbH __ Not Affected

Notified: April 09, 2019 Updated: April 19, 2019

Statement Date: April 16, 2019

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

LANCOM Systems confirms that no LANCOM product is affected.

Palo Alto Networks Not Affected

Notified: April 09, 2019 Updated: April 19, 2019

Statement Date: April 17, 2019

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Zyxel __ Not Affected

Notified: April 09, 2019 Updated: April 19, 2019

Statement Date: April 15, 2019

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

Zyxel was initially marked as Affected, this was an error, Zyxel has stated that they are not affected by these vulnerabilities.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23166939 Feedback>).

A10 Networks Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ACCESS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ADTRAN Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ANTlabs Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ARRIS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AT&T Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AVM GmbH Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Actelis Networks Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Actiontec Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Aerohive Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AhnLab Inc Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AirWatch Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Akamai Technologies, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Alcatel-Lucent Enterprise Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Alpine Linux Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Android Open Source Project Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Appgate Network Security Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Arch Linux Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Arista Networks, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AsusTek Computer Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Atheros Communications Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Avaya, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Barracuda Networks Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Belden Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Belkin, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

BlackBerry Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Blue Coat Systems Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

BlueCat Networks, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CA Technologies Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CZ.NIC Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cambium Networks Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ceragon Networks Inc Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Check Point Software Technologies Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Comcast Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Command Software Systems Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CoreOS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cradlepoint Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

D-Link Systems, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Debian GNU/Linux Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Dell Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Dell EMC Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Dell SecureWorks Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

DesktopBSD Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Deutsche Telekom Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Devicescape Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Digi International Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

DragonFly BSD Project Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

EfficientIP SAS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ericsson Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Espressif Systems Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

European Registry for Internet Domains Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Express Logic Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

F-Secure Corporation Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

F5 Networks, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fastly Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fedora Project Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Force10 Networks Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fortinet, Inc. Unknown

Notified: April 15, 2019 Updated: April 15, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Foundry Brocade Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

FreeBSD Project Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

GNU glibc Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Geexbox Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Gentoo Linux Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Google Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

HP Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

HTC Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hitachi Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Honeywell Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Huawei Technologies Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM Corporation (zseries) Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Illumos Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

InfoExpress, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Infoblox Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Intel Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Internet Systems Consortium Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Internet Systems Consortium - DHCP Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Interniche Technologies, inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Joyent Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Juniper Networks Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Lantronix Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Lenovo Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

LibreSSL Unknown

Notified: April 12, 2019 Updated: April 12, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Linksys Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Marvell Semiconductors Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

McAfee Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

MediaTek Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Medtronic Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

MetaSwitch Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Micro Focus Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Microchip Technology Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Microsoft Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

MikroTik Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Miredo Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Mitel Networks, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NEC Corporation Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NETSCOUT Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NLnet Labs Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NetBSD Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Netgear, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nixu Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nokia Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenBSD Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenConnect Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenDNS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenSSL Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Openwall GNU/*/Linux Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Paessler Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Peplink Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Philips Electronics Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

PowerDNS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Pulse Secure Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

QLogic Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

QUALCOMM Incorporated Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Quagga Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Quantenna Communications Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Red Hat, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Riverbed Technologies Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Rocket RTOS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Roku Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ruckus Wireless Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SUSE Linux Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Samsung Mobile Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Samsung Semiconductor Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Secure64 Software Corporation Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sierra Wireless Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Slackware Linux Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SmoothWall Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Snort Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SonicWall Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sonos Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sony Corporation Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sophos, Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sourcefire Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Symantec Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TDS Telecom Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TP-LINK Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Technicolor Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TippingPoint Technologies Inc. Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Toshiba Commerce Solutions Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TrueOS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Turbolinux Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ubuntu Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Unisys Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

VMware Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Wind River Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Xilinx Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Zebra Technologies Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Zephyr Project Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

aep NETWORKS Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

dnsmasq Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

eCosCentric Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

eero Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

m0n0wall Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

netsnmp Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

pfSense Unknown

Notified: April 09, 2019 Updated: April 09, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

wolfSSL Unknown

Notified: April 12, 2019 Updated: April 12, 2019

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

View all 166 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base 6.8 AV:A/AC:H/Au:N/C:C/I:C/A:C
Temporal 5.3 E:POC/RL:OF/RC:ND
Environmental 4.0 CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Hugues Anguelkov during his internship at Quarkslab for reporting this vulnerability.

This document was written by Trent Novelly.

Other Information

CVE IDs: CVE-2019-9503, CVE-2019-9500, CVE-2019-9501, CVE-2019-9502
Date Public: 2019-04-15 Date First Published:

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

80.1%