Remote Code Execution Vulnerability in Alpine Halo9 Devices
CVE-2024-23935

7.5HIGH

Key Information:

Vendor: Alpine
Status: Halo9
Vendor: CVE Published:; 28 September 2024

What is CVE-2024-23935?

The vulnerability within Alpine Halo9 devices stems from a stack-based buffer overflow in the DecodeUTF7 function. This flaw occurs due to insufficient validation of user-supplied data lengths before copying to a stack-based buffer. Attackers capable of pairing a malicious Bluetooth device with the target can exploit this vulnerability, gaining the ability to execute arbitrary code within the context of the device's root permissions.

Affected Version(s)

Halo9 6.0.000

References

https://www.zerodayinitiative.com/advisories/ZDI-24-848/

x_research-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 28, 2024