Buffer Overflow in pppd Vulnerability

Security Advisory
Updated 03-03-2020 12:25:51 PM

TP-Link has been made aware of a buffer overflow vulnerability in the Point-to-Point Protocol Daemon (pppd) discovered by Ilja Van Sprundel. According to the research, a logic flaw in the pppd is the root cause. An unauthenticated attacker may be able to exploit this to trigger a stack-based buffer overflow, which can cause arbitrary code execution.

At TP-Link, customer security comes first. TP-Link is investigating and will keep updating this advisory as more information becomes available. The affected TP-Link products will be updated as soon as possible and the new firmware, with fixed for this issue, will be made available.

If you have concerns about your TP-Link product, please feel free to contact TP-Link Support: https://www.tp-link.com/support/.

For more information about this vulnerability, please refer to: CVE-2020-8597.

Updates:

2020-03-03 Published Advisory

 

Sign Up for News & OffersTP-Link takes your privacy seriously. For further details on TP-Link's privacy practices, see TP-Link's Privacy Policy.

From United States (English)?

Check products and services for your region.