{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-46163/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"id":"CVE-2026-46163"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["wifi","memory corruption","driver vulnerability","CVE-2026-46163"],"_cs_type":"advisory","_cs_vendors":["Microsoft"],"content_html":"\u003cp\u003eCVE-2026-46163 involves a security flaw within the b43legacy WiFi driver, specifically regarding the handling of firmware key indices during RX (receive) operations. The vulnerability stems from the absence of proper bounds checking on the firmware key index before it\u0026rsquo;s used to access memory. This oversight could allow an attacker to potentially read from or write to arbitrary memory locations, leading to denial-of-service, information disclosure, or potentially arbitrary code execution. Due to the low-level nature of the vulnerability, successful exploitation could have significant impact on the system\u0026rsquo;s stability and security. This vulnerability impacts systems utilizing the affected WiFi driver.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker sends a maliciously crafted WiFi packet to the target device.\u003c/li\u003e\n\u003cli\u003eThe device\u0026rsquo;s WiFi adapter receives the packet and passes it to the b43legacy driver.\u003c/li\u003e\n\u003cli\u003eThe driver attempts to process the received packet, including decrypting it using a key from the firmware.\u003c/li\u003e\n\u003cli\u003eDue to the missing bounds check, a crafted packet provides an out-of-bounds key index value.\u003c/li\u003e\n\u003cli\u003eThe driver uses this invalid index to access the firmware key table.\u003c/li\u003e\n\u003cli\u003eThis leads to an out-of-bounds memory access.\u003c/li\u003e\n\u003cli\u003eThe out-of-bounds memory access results in a read or write to an unintended memory location.\u003c/li\u003e\n\u003cli\u003eDepending on the memory location accessed, the attacker can trigger a denial-of-service condition or potentially execute arbitrary code.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-46163 can result in a denial-of-service condition due to a system crash. In more severe scenarios, an attacker could leverage this vulnerability to gain arbitrary code execution on the target system, potentially leading to complete system compromise. The number of potential victims depends on the prevalence of the vulnerable b43legacy WiFi driver and the attacker\u0026rsquo;s targeting scope.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the security patch released by Microsoft to address CVE-2026-46163 immediately to prevent potential exploitation.\u003c/li\u003e\n\u003cli\u003eMonitor systems using the b43legacy WiFi driver for unusual activity, such as unexpected crashes or memory access violations.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules in this brief to your SIEM to detect potential exploitation attempts.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-29T07:24:51Z","date_published":"2026-05-29T07:24:51Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-46163/","summary":"CVE-2026-46163 is a vulnerability in the b43legacy WiFi driver related to a missing bounds check on the firmware key index in the RX path, potentially leading to memory corruption.","title":"CVE-2026-46163 wifi: b43legacy Firmware Key Index Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-46163/"}],"language":"en","title":"CraftedSignal Threat Feed — CVE-2026-46163","version":"https://jsonfeed.org/version/1.1"}