Description
Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function
Published: 2026-03-26
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Sensitive Data Disclosure via Buffer Overflow
Action: Apply Patch
AI Analysis

Impact

A buffer overflow flaw exists in the getradiotapfield() function of ZerBea hcxpcapngtool version 7.0.1-43-g2ee308e. The overflow can be triggered when the tool processes malformed radiotap headers, allowing a local attacker to read memory beyond its intended bounds. This read can expose sensitive network traffic details or credentials stored in the tool’s memory, compromising confidentiality for the system on which the tool runs.

Affected Systems

The affected system is any machine running ZerBea hcxpcapngtool at the exact version 7.0.1-43-g2ee308e. No other versions or product variants are listed as impacted, so systems upgraded beyond this release or using a different tool are not affected.

Risk and Exploitability

With a CVSS score of 6.2 the vulnerability is classified as medium severity. The EPSS score is unavailable and it is not listed in the CISA KEV catalog, indicating limited evidence of exploitation in the wild. The attack requires local access and the ability to execute the tool; there is no documented remote vector. The potential impact is a breach of confidentiality for the data processed by the tool, which could include captured packets or associated user credentials.

Generated by OpenCVE AI on March 26, 2026 at 18:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a patched release of ZerBea hcxpcapngtool that removes the buffer overflow.
  • Limit execution of the tool to privileged users only and enforce least‑privilege practices.
  • Enable logging and monitor usage of the tool for suspicious activity.
  • If an update cannot be applied, consider disabling or removing the vulnerable binary from the system.
  • Consult ZerBea’s release notes or support channels for guidance on additional mitigations.

Generated by OpenCVE AI on March 26, 2026 at 18:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Zerbea
Zerbea hcxpcapngtool
Vendors & Products Zerbea
Zerbea hcxpcapngtool

Fri, 27 Mar 2026 04:00:00 +0000

Type Values Removed Values Added
Title hcxpcapngtool: hcxtools: ZerBea hcxpcapngtool: Information disclosure via buffer overflow in getradiotapfield() function
References
Metrics threat_severity

None

 threat_severity

Low

Thu, 26 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
Description Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function
References

Subscriptions

Zerbea Hcxpcapngtool
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-26T15:29:41.020Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-29976

cve-icon Vulnrichment

Updated: 2026-03-26T15:29:35.787Z

cve-icon NVD

Status : Received

Published: 2026-03-26T15:16:36.137

Modified: 2026-03-26T16:16:09.027

Link: CVE-2026-29976

cve-icon Redhat

Severity : Low

Publid Date: 2026-03-26T00:00:00Z

Links: CVE-2026-29976 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:29:08Z

Weaknesses