Buffer Overflow Vulnerability in Broadcom Wi-Fi Chips
CVE-2017-11120

9.8CRITICAL

Key Information:

Vendor

Broadcom
Status
Bcm4355c0 Firmware
Vendor
CVE Published:
28 September 2017

What is CVE-2017-11120?

A buffer overflow vulnerability exists in Broadcom's BCM4355C0 Wi-Fi chips and possibly other models. This flaw allows attackers to create a malformed RRM neighbor report frame that can exploit the internal buffer, potentially leading to unauthorized access or system crashes. The impact of this vulnerability is significant, affecting the integrity of Wi-Fi communications and device stability. Users are advised to upgrade their firmware to mitigate the risks associated with this type of attack.

References

http://packetstormsecurity.com/files/144328/Broadcom-802....
x_refsource_MISC
http://www.securityfocus.com/bid/100984
vdb-entryx_refsource_BID
https://source.android.com/security/bulletin/2017-09-01
x_refsource_CONFIRM

EPSS Score

24% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.