CVE-2017-9417
Advisory lineage Upstream: 0 Downstream: 3
Modified
Published: 03 Jun 2017, 23:00
Last modified:05 Aug 2024, 17:02
Vulnerability Summary
Overall Risk (default)
high
70/100 CVSS Score
9.8 CRITICAL
v3.0 (nvd)
EPSS Score
42.6% HIGH
43% probability +1.93%
KEV
Not listed
Ransomware
No reports
Public exploits
1 found
Dark Web
Not detected
Timeline
03 Jun 2017, 23:00
Published
Vulnerability first disclosed
05 Aug 2024, 17:02
Last Modified
Vulnerability information updated
Description
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
CVSS Metrics
- v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- v2.0•HIGH•Score: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 42.60%• Percentile: 98%
Affected Systems
- broadcom•bcm43xx_wi-fi_chipset_firmware
na
References (10)
- https://source.android.com/security/bulletin/2017-07-01
- https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-9417
- http://www.securityfocus.com/bid/99482
- http://www.securitytracker.com/id/1038950
- https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
- http://www.securitytracker.com/id/1039330
- http://seclists.org/fulldisclosure/2019/May/24
- https://support.apple.com/kb/HT210121
- https://seclists.org/bugtraq/2019/May/30