Vulnerability Details CVE-2017-6957
Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE (156).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.149
EPSS Ranking 94.2%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
References
- http://packetstormsecurity.com/files/141803/Broadcom-Stack-Buffer-Overflow.html
- http://www.securityfocus.com/bid/97054
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1051
- http://packetstormsecurity.com/files/141803/Broadcom-Stack-Buffer-Overflow.html
- http://www.securityfocus.com/bid/97054
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1051
Products affected by CVE-2017-6957
-
cpe:2.3:h:broadcom:bcm4339_soc:-
-
cpe:2.3:o:broadcom:bcm4339_soc_firmware:6.37.34.40