CVE-2020-36158

Summary:

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

Reference Links(if available):

https://patchwork.kernel.org/project/linux-wireless/patch/[email protected]/

https://github.com/torvalds/linux/commit/5c455c5ab332773464d02ba17015acdca198f03d

https://lore.kernel.org/r/[email protected]

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c455c5ab332773464d02ba17015acdca198f03d

CVSS Score (if available)

v2: / HIGHAV:A/AC:L/Au:N/C:C/I:C/A:C

v3: / HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Links to Exploits(if available)

Tags: CVE, CVE-2020-36158, MISC, patch, vulnerability

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

Active Exploitation of Vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Products.

CACTUS Ransomware Victim: https://www[.]ghimli[.]com /

Cisco Products Multiple Vulnerabilities

T2 – 94,584 breached accounts

CISA: CISA Releases Three Industrial Control Systems Advisories

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Active Exploitation of Vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Products.

CACTUS Ransomware Victim: https://www[.]ghimli[.]com /

Cisco Products Multiple Vulnerabilities

T2 – 94,584 breached accounts

CISA: CISA Releases Three Industrial Control Systems Advisories