Buffer Overflow Vulnerability in TCL LinkHub Mesh Wi-Fi
CVE-2022-24012

9.6CRITICAL

Key Information:

Vendor

Tcl

Status
Linkhub Mesh Wifi
Vendor
CVE Published:
5 August 2022

What is CVE-2022-24012?

A buffer overflow vulnerability has been identified within the GetValue functionality of TCL LinkHub Mesh Wi-Fi (MS1G_00_01.00_14). This issue arises when an attacker crafts a malicious configuration value that, when processed, can lead to a buffer overflow condition. Successful exploitation of this vulnerability may allow an attacker to manipulate the device's functionality or compromise its integrity. It is critical for users of affected versions to apply patches and updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

LinkHub Mesh Wifi MS1G_00_01.00_14

References

https://talosintelligence.com/vulnerability_reports/TALOS...
x_refsource_MISC

CVSS V3.1

Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

CVSS V3.0

Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.