CVE-2022-38980 The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol. Successful exploitation may allow attackers to obtain process control permissions.

HwAirlink is used in several Cisco products and can be found in the following software versions:

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions. HwAirlink is used in several Cisco products and can be found in the following software versions: Cisco IOS XR Software Versions 15.5 and 15.6

Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions

HwAirlink Module Encapsulation and decapsulation

HwAirlink is used in several Cisco products and can be found in the following software versions: Cisco IOS XR Software Versions 15.5 and 15.6

Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6

Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions 15.5 and 15.6 Cisco IOS XE Software Versions

Exploiting the Heap Overflow

Successfully exploiting the HwAirlink heap overflow vulnerability may allow attackers to gain privileges on the device. The vulnerability is present in the processing of data packets of the proprietary protocol with the HwAirlink module.

An attacker can achieve code execution by sending a specially crafted packet and triggering a heap overflow condition that would eventually result in arbitrary code execution. Exploiting this vulnerability may allow attackers to obtain process control permissions on the device.

Timeline

Published on: 10/14/2022 16:15:00 UTC
Last modified on: 10/20/2022 12:43:00 UTC

References

• https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38980