CVE-2023-29468
Published: 14 August 2023
Summary
CVE-2023-29468 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Ti Wilink8-Wifi-Mcp8. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 1.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.
Deeper analysis
The Texas Instruments WiLink WL18xx MCP driver in WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier contains an unbounded parsing flaw for information elements of type XCC_EXT_1_IE_ID and XCC_EXT_2_IE_ID within 802.11 management frames. Because the driver performs no count or length validation on these elements before copying them into fixed-size buffers, a malformed frame can trigger a classic buffer overflow (CWE-120). The issue received a CVSS 3.1 score of 9.8, reflecting a network-reachable flaw with no required authentication or user interaction.
An unauthenticated attacker within radio range can transmit a single specially crafted management frame that overflows the stack or heap structures used by the driver. Successful exploitation can result in arbitrary code execution on the affected wireless subsystem, potentially compromising the host system that incorporates the WL18xx chipset.
The vendor advisory published at https://www.ti.com/lit/swra773 describes the affected driver versions and provides updated firmware and software packages that enforce proper IE limits during management-frame processing. Organizations using WILINK8-WIFI-MCP8 should apply the referenced patches or migrate to a corrected release to eliminate the overflow condition. The associated EPSS score of 0.58 indicates moderate but non-negligible exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-33037
Vulnerability details
The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be…
more
triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.
- CWE(s)
AI Security AnalysisAI
- AI Category
- AI Agent Protocols and Integrations
- Risk Domain
- Protocol-Specific Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: mcp
Related Threats
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.