CERT Coordination Center

Texas Instruments Microcontrollers CC2640 and CC2650 are vulnerable to heap overflow

Vulnerability Note VU#317277

Original Release Date: 2018-11-01 | Last Revised: 2018-11-07

Overview

Texas Instruments Microcontrollers CC2640 and CC2650 are vulnerable to heap overflow

Description

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-16986 - also known as BLEEDINGBIT

The following Texas Instruments chips are affected:

  • CC2640 (non-R2) with BLE-STACK version 2.2.1 or an earlier version
  • CC2650 with BLE-STACK version 2.2.1 or an earlier version
  • CC2640R2F with SimpleLink CC2640R2 SDK version 1.00.00.22 (BLE-STACK 3.0.0)
  • CC1350 with SimpleLink CC13x0 SDK version 2.20.00.38 (BLE-STACK 2.3.3) or an earlier version

    The above Texas Instruments controllers contain BLE-Stacks with a memory corruption vulnerability resulting from the mishandling of BLE advertising packets. The function llGetAdvChanPDU, which is part of the embedded ROM image in both chips, handles incoming advertising packets and parses their headers. It copies the contents to a separate buffer provided by the calling function. An incorrect packet length is taken, so packets end up being parsed as larger than originally intended. If the incoming data is over a certain length, the function calls the halAssertHandler function, as defined by the application running on top of the stack, but does not stop execution. Because the flow of execution does not stop, the overly large packet is copied to the buffer, causing a heap overflow.
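The assert-then-continue pattern described above, modelled as an added example (this is not TI's ROM code and is not part of the original note). All function names, the 37-byte buffer size, the two-byte header layout and the sample frame are assumptions constructed for illustration; the copy lands in an oversized arena so the demonstration itself stays within defined behaviour.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names and sizes: a model of the pattern, not TI's ROM code. */
#define RX_BUF_LEN 37u   /* assumed capacity of the caller-provided buffer */
#define ARENA_LEN  320u  /* buffer plus stand-in "neighbouring heap" bytes */
#define HDR_LEN    2u    /* constructed header: type byte, length byte */
#define CANARY     0xA5u

typedef struct {
    uint8_t arena[ARENA_LEN]; /* [0, RX_BUF_LEN) = buffer, rest = neighbours */
} heap_model_t;

static unsigned assert_calls;

/* Application-defined hook that records the failure and then returns. */
static void app_assert_handler(void) { assert_calls++; }

static void heap_model_init(heap_model_t *h) {
    memset(h->arena, CANARY, sizeof h->arena);
}

/* Number of bytes beyond the buffer that no longer hold the canary. */
static size_t neighbours_corrupted(const heap_model_t *h) {
    size_t n = 0;
    for (size_t i = RX_BUF_LEN; i < ARENA_LEN; i++)
        if (h->arena[i] != CANARY) n++;
    return n;
}

/* Before: the length check only reports; the copy still runs. */
static size_t copy_pdu_assert_only(heap_model_t *h, const uint8_t *pdu,
                                   size_t pdu_len) {
    if (pdu_len < HDR_LEN) return 0;
    size_t len = pdu[1];
    if (len > pdu_len - HDR_LEN) return 0;  /* keep the source read in bounds */
    if (len > RX_BUF_LEN)
        app_assert_handler();               /* returns, execution continues */
    memcpy(h->arena, pdu + HDR_LEN, len);   /* may write past RX_BUF_LEN bytes */
    return len;
}

/* After: an oversized length is rejected on every path before the copy. */
static int copy_pdu_checked(heap_model_t *h, const uint8_t *pdu,
                            size_t pdu_len, size_t *copied) {
    *copied = 0;
    if (pdu_len < HDR_LEN) return -1;
    size_t len = pdu[1];
    if (len > pdu_len - HDR_LEN) return -1;
    if (len > RX_BUF_LEN) {
        app_assert_handler();               /* still report the anomaly */
        return -1;                          /* and do not copy */
    }
    memcpy(h->arena, pdu + HDR_LEN, len);
    *copied = len;
    return 0;
}

/* Constructed sample frame: header declares `declared` payload bytes (0x41). */
static size_t build_pdu(uint8_t *out, uint8_t declared) {
    out[0] = 0x00;
    out[1] = declared;
    memset(out + HDR_LEN, 0x41, declared);
    return HDR_LEN + declared;
}

/* Runs the "before" path; returns how many neighbouring bytes were hit. */
size_t demo_assert_only(uint8_t declared) {
    heap_model_t h;
    uint8_t pdu[HDR_LEN + 255];
    heap_model_init(&h);
    copy_pdu_assert_only(&h, pdu, build_pdu(pdu, declared));
    return neighbours_corrupted(&h);
}

/* Runs the "after" path; *rc is 0 on accept, -1 on reject. */
size_t demo_checked(uint8_t declared, int *rc) {
    heap_model_t h;
    uint8_t pdu[HDR_LEN + 255];
    size_t copied;
    heap_model_init(&h);
    *rc = copy_pdu_checked(&h, pdu, build_pdu(pdu, declared), &copied);
    return neighbours_corrupted(&h);
}

int main(void) {
    int rc;
    printf("assert-only, len 37:  %zu bytes corrupted\n", demo_assert_only(37));
    printf("assert-only, len 100: %zu bytes corrupted\n", demo_assert_only(100));
    printf("checked,     len 100: %zu bytes corrupted", demo_checked(100, &rc));
    printf(" (rc=%d, handler calls=%u)\n", rc, assert_calls);
    return 0;
}
```
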

    CVE-2018-7080 - also known as BLEEDINGBIT

    The following Texas Instruments devices are affected:

  • CC2642R
  • CC2640R2
  • CC2640
  • CC2650
  • CC2540
  • CC2541

    An attacker could exploit the overflow in CVE-2018-16986 on certain network devices that use the above Texas Instruments chips if they have the Over the Air firmware Download (OAD) feature enabled to overwrite the firmware. The OAD feature allows for remote firmware updates of some BLE chips. An attacker could connect to a BLE chip on a vulnerable access point (either without authentication or by obtaining the password through other means depending on the implementation) and upload their own malicious firmware, which may contain malicious code that could give them complete control over the access point.
    Impact

    Using a specially crafted set of packets, an attacker can both control the data of the overflow, and the length of it, which may lead to remote code execution on the targeted BLE chip. An attacker needs to be within physical proximity to the device while it is in scanning mode to trigger vulnerable code. This memory corruption can lead to code execution on the main CPU of the device, which could have the potential to affect other devices across a network if the origin is a networked device. An attacker could also exploit this vulnerability to rewrite the operating system of a device and gain full control over it.


    Given the nature of embedded devices, it is possible that a broader set of devices are impacted than what is listed in this publication. If you believe you are affected, please email us at cert@cert.org.

    Solution

    Update the BLE-Stack

    This vulnerability was patched in BLE-Stack v2.2.2 released by Texas Instruments on March 28, 2018. Affected devices will require a firmware update to obtain the updated BLE-Stack.

    Do not use the OAD feature in production

    The OAD feature is never meant to be used in production, so manufacturers should ensure that this feature is not enabled by default in live environments.

    Vendor Information


    Aruba Networks

    Notified:  October 12, 2018 Updated:  October 19, 2018

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Cisco

    Notified:  October 12, 2018 Updated:  November 02, 2018

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Texas Instruments

    Notified:  October 19, 2018 Updated:  October 19, 2018

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Apple

    Notified:  October 12, 2018 Updated:  October 30, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Brocade Communication Systems

    Notified:  October 12, 2018 Updated:  October 19, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Check Point Software Technologies

    Notified:  October 12, 2018 Updated:  October 22, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    D-Link Systems, Inc.

    Notified:  October 12, 2018 Updated:  October 19, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Debian GNU/Linux

    Notified:  October 12, 2018 Updated:  October 19, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Netgear, Inc.

    Notified:  October 12, 2018 Updated:  October 19, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Synology

    Notified:  October 12, 2018 Updated:  October 19, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Toshiba Commerce Solutions

    Notified:  October 12, 2018 Updated:  October 19, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Zyxel

    Notified:  October 12, 2018 Updated:  November 02, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    3com Inc

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    A10 Networks

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    ACCESS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    ADTRAN

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    ANTlabs

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    ARRIS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    ASP Linux

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    AT&T

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    AVM GmbH

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Actelis Networks

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Actiontec

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Aerohive

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    AhnLab Inc

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    AirWatch

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Akamai Technologies, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Alcatel-Lucent Enterprise

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Amazon

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Android Open Source Project

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Appgate Network Security

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Arch Linux

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Arista Networks, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    AsusTek Computer Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Atheros Communications Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Avaya, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Barracuda Networks

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Belkin, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Bell Canada Enterprises

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    BlueCat Networks, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Broadcom

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    CA Technologies

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Cambium Networks

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Ceragon Networks Inc

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Comcast

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Command Software Systems

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    CoreOS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Cradlepoint

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Dell

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Dell EMC

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Dell SecureWorks

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    DesktopBSD

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Deutsche Telekom

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Devicescape

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Digi International

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    DragonFly BSD Project

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    EfficientIP SAS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Ericsson

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Espressif Systems

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    European Registry for Internet Domains

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Express Logic

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    F-Secure Corporation

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    F5 Networks, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Fastly

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Fedora Project

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Force10 Networks

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Foundry Brocade

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    FreeBSD Project

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    GNU glibc

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Geexbox

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Gentoo Linux

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Google

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    HP Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    HTC

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    HardenedBSD

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Hitachi

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Honeywell

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Huawei Technologies

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    IBM Corporation (zseries)

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    IBM, INC.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    InfoExpress, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Infoblox

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Intel

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Internet Systems Consortium

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Internet Systems Consortium - DHCP

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Interniche Technologies, inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Joyent

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Juniper Networks

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Lantronix

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Lenovo

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Linksys

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Marvell Semiconductors

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    McAfee

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    MediaTek

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Medtronic

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Men & Mice

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    MetaSwitch

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Micro Focus

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Microchip Technology

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Microsoft

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    MikroTik

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Miredo

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Mitel Networks, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    NEC Corporation

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    NETSCOUT

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    NLnet Labs

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    NetBSD

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Nixu

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Nokia

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Nominum

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    OmniTI

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    OpenBSD

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    OpenConnect

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    OpenDNS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Openwall GNU/*/Linux

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Paessler

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Peplink

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Philips Electronics

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    PowerDNS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Pulse Secure

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    QLogic

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    QNX Software Systems Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    QUALCOMM Incorporated

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Quagga

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Quantenna Communications

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Red Hat, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Riverbed Technologies

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Roku

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Ruckus Wireless

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    SUSE Linux

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Samsung Mobile

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Samsung Semiconductor Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Secure64 Software Corporation

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Slackware Linux Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Snort

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    SonicWall

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Sonos

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Sony Corporation

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Sophos, Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Sourcefire

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Symantec

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    TP-LINK

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Technicolor

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    TippingPoint Technologies Inc.

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    TrueOS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Turbolinux

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Ubuntu

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Unisys

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    VMware

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Wind River

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Xilinx

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Zebra Technologies

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Zephyr Project

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    aep NETWORKS

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    dnsmasq

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    eero

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    m0n0wall

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    netsnmp

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    pfSense

    Notified:  October 12, 2018 Updated:  October 12, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.


    CVSS Metrics

    Group          Score  Vector
    Base           7.9    AV:A/AC:M/Au:N/C:C/I:C/A:C
    Temporal       6.2    E:POC/RL:OF/RC:C
    Environmental  4.6    CDP:N/TD:M/CR:ND/IR:ND/AR:ND

    Credit

    We would like to thank Ben Seri at Armis for reporting this vulnerability.

    This document was written by Madison Oliver.

    Other Information

    CVE IDs: CVE-2018-16986
    Date Public: 2018-11-01
    Date First Published: 2018-11-01
    Date Last Updated: 2018-11-07 19:22 UTC
    Document Revision: 56

    Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.