CVE-2026-7763
BaseFortify
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Bugcrowd Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| morse_micro | halowlink_2 | to 2.11.13 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-7763 is a heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver used in Morse Micro HaLowLink 2 software versions before 2.11.13.
An unauthenticated attacker within radio range can exploit this vulnerability by sending a specially crafted 802.11ah beacon frame containing a malformed Traffic Indication Map (TIM) Information Element.
The vulnerability arises because the function morse_page_slicing_process_tim_element() derives the TIM bitmap length directly from the received IE field without validating it against the fixed-size destination buffer. This leads to up to 252 bytes of attacker-controlled data being written beyond the buffer boundary during memset and memcpy operations.
Since beacon frames are broadcast and processed during passive scanning, no authentication, association, or user interaction is required to exploit this flaw.
How can this vulnerability impact me? :
Exploitation of this vulnerability can cause a Denial of Service (DoS) by triggering a kernel panic in the affected device.
Additionally, it may allow an attacker to achieve Remote Code Execution (RCE), potentially gaining control over the device.
Because the attack requires only being within radio range and no authentication, it poses a significant security risk to devices running vulnerable versions of HaLowLink 2.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is exploited by sending a maliciously crafted 802.11ah beacon frame containing a malformed Traffic Indication Map (TIM) Information Element. Detection would involve monitoring for unusual or malformed 802.11ah beacon frames with abnormal TIM IE lengths.
Since the vulnerability occurs in the morse.ko HaLow Wi-Fi kernel driver during passive scanning of beacon frames, network detection tools that can capture and analyze 802.11ah beacon frames for malformed TIM IEs could help identify attempts to exploit this issue.
Specific commands are not provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade the Morse Micro HaLowLink 2 software to version 2.11.13 or later, where this vulnerability has been resolved.
Until the upgrade can be applied, limiting exposure by restricting radio range access or disabling the affected HaLow Wi-Fi functionality may reduce risk.