PT-2021-15167 · Texas Instruments · Simplelink Wi-Fi
David Atch +1 · Published 2021-05-07 · Updated 2021-05-17 · CVE-2021-22673
CVSS v3.1: 8.0 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Texas Instruments SimpleLink Wi-Fi versions prior to MSP432E4 SDK: v4.20.00.12
Texas Instruments SimpleLink Wi-Fi versions prior to CC32XX SDK v4.30.00.06
Texas Instruments SimpleLink Wi-Fi versions prior to CC13X0 SDK v4.10.03
Texas Instruments SimpleLink Wi-Fi versions prior to CC13X2 and CC26XX SDK v4.40.00
Texas Instruments SimpleLink Wi-Fi versions prior to CC3200 SDK v1.5.0
Texas Instruments SimpleLink Wi-Fi versions prior to CC3100 SDK v1.3.0
Description
The issue is related to a stack-based buffer overflow that occurs when processing over-the-air firmware updates from the CDN server. This may allow an attacker to remotely execute code.
Recommendations
For versions prior to MSP432E4 SDK: v4.20.00.12, update to a version newer than v4.20.00.12.
For versions prior to CC32XX SDK v4.30.00.06, update to a version newer than v4.30.00.06.
For versions prior to CC13X0 SDK v4.10.03, update to a version newer than v4.10.03.
For versions prior to CC13X2 and CC26XX SDK v4.40.00, update to a version newer than v4.40.00.
For versions prior to CC3200 SDK v1.5.0, update to a version newer than v1.5.0.
For versions prior to CC3100 SDK v1.3.0, update to a version newer than v1.3.0.
Fix
Memory Corruption
Stack Overflow
Affected Products
Simplelink Wi-Fi