{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T15:27:02.591","vulnerabilities":[{"cve":{"id":"CVE-2019-9501","sourceIdentifier":"cret@cert.org","published":"2020-02-03T21:15:11.487","lastModified":"2024-11-21T04:51:44.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions."},{"lang":"es","value":"El controlador Broadcom wl WiFi es vulnerable a un desbordamiento del búfer de la pila. Al proporcionar un elemento de información de proveedor con una longitud de datos mayor de 32 bytes, un desbordamiento del búfer de la pila es desencadenado en la función wlc_wpa_sup_eapol. En el peor de los casos, mediante el envío de paquetes WiFi especialmente diseñados, un atacante remoto no autenticado puede ejecutar código arbitrario en un sistema vulnerable. Más comúnmente, esta vulnerabilidad resultará en condiciones de denegación de servicio."}],"metrics":{"cvssMetricV31":[{"source":"cret@cert.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":7.9,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:C/I:C/A:C","baseScore":8.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.5,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cret@cert.org","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*","matchCriteriaId":"85F6D2BF-23EA-4D44-8126-64EA85184D38"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:broadcom:bcm4339_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA080644-56DF-456F-BA3C-DF5C1A4AEE51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:broadcom:bcm4339:-:*:*:*:*:*:*:*","matchCriteriaId":"8A42BC9D-B62C-444D-A20B-5D6190797697"}]}]}],"references":[{"url":"https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html","source":"cret@cert.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://kb.cert.org/vuls/id/166939/","source":"cret@cert.org","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://kb.cert.org/vuls/id/166939/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}