PT-2023-22269 · Texas Instruments · Wilink8-Wifi-Mcp8

Published: 2023-08-12 · Updated: 2023-08-22 · CVE-2023-29468

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: WILINK8-WIFI-MCP8 versions 8.5 SP3 and earlier

Description: The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC EXT 1 IE ID or XCC EXT 2 IE ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This issue affects the SYNC3 infotainment system used in various Ford and Lincoln vehicle models. According to the manufacturer, the vulnerability does not impact driver safety, and they are working on a fix. The exploitation of this issue would require significant knowledge and physical proximity to the vehicle, as the attacker must be within the wireless range of the potentially vulnerable device. There is currently no evidence that this issue has been exploited.

Recommendations: For WILINK8-WIFI-MCP8 versions 8.5 SP3 and earlier, as a temporary workaround, consider disabling the WiFi function through the settings menu of the infotainment system until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
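
The missing bound named in the Description, shown as an added defensive sketch of an IE walker that stores matching elements in a fixed-size table; this is not TI's driver code. The numeric IE IDs, the table capacity and the sample frame bytes are assumptions made for the example, since the advisory gives none of them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Placeholder values: the advisory names the IE types but not their numbers. */
#define IE_ID_EXT_1 0xF0   /* hypothetical stand-in for XCC EXT 1 IE ID */
#define IE_ID_EXT_2 0xF1   /* hypothetical stand-in for XCC EXT 2 IE ID */
#define MAX_EXT_IES 4      /* assumed capacity of the fixed-size table */

struct ie_ref { uint8_t id; uint8_t len; const uint8_t *data; };
struct ext_ie_table {
    size_t count;                    /* matching IEs stored */
    size_t dropped;                  /* matching IEs refused: table already full */
    struct ie_ref ies[MAX_EXT_IES];
};

/* Walk id/len/value elements in a management frame body.
 * Returns 0 on success, -1 if an element is truncated. */
int collect_ext_ies(const uint8_t *buf, size_t len, struct ext_ie_table *t)
{
    size_t off = 0;
    t->count = t->dropped = 0;
    while (off < len) {
        if (len - off < 2) return -1;                     /* header does not fit */
        uint8_t id = buf[off], ie_len = buf[off + 1];
        if ((size_t)ie_len > len - off - 2) return -1;    /* value runs past frame */
        if (id == IE_ID_EXT_1 || id == IE_ID_EXT_2) {
            if (t->count < MAX_EXT_IES)   /* the per-type limit the advisory says is absent */
                t->ies[t->count++] = (struct ie_ref){ id, ie_len, buf + off + 2 };
            else
                t->dropped++;             /* caller can log or reject the frame */
        }
        off += 2 + (size_t)ie_len;
    }
    return 0;
}

/* Constructed sample input: n matching IEs, each with a 2-byte payload. */
size_t build_sample(uint8_t *out, size_t cap, unsigned n)
{
    size_t off = 0;
    for (unsigned i = 0; i < n && cap - off >= 4; i++) {
        out[off++] = (i & 1) ? IE_ID_EXT_2 : IE_ID_EXT_1;
        out[off++] = 2; out[off++] = 0xAA; out[off++] = (uint8_t)i;
    }
    return off;
}

int main(void)
{
    uint8_t frame[64]; struct ext_ie_table t;
    int rc = collect_ext_ies(frame, build_sample(frame, sizeof frame, 10), &t);
    printf("rc=%d stored=%zu dropped=%zu\n", rc, t.count, t.dropped);
    return 0;
}
```

A nonzero `dropped` count is a useful detection signal: a frame carrying more of these elements than the table holds can be logged or discarded instead of processed.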

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2023-29468

Affected Products

Wilink8-Wifi-Mcp8