CVE-2017-11120
UnknownEPSS 9.13%
Last modified
CVE-2017-11120 is a vulnerability of currently unknown severity. On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.. EPSS estimates a 9.13% chance of exploitation in the next 30 days.
Description
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Bcm4355c0 Firmware | 9.44.78.27.0.1.56 |
| Apple | Iphone Os | < 11.0 |
| Apple | Tvos | < 11.0 |
References
- http://packetstormsecurity.com/files/144328/Broadcom-802.11k-Neighbor-Report-Response-Out-Of-Bounds-Write.htmlExploit, Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/100984Third Party Advisory, VDB Entry
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1289Exploit, Issue Tracking, Third Party Advisory
- https://lists.apple.com/archives/security-announce/2017/Sep/msg00007.htmlMailing List, Third Party Advisory
- https://lists.apple.com/archives/security-announce/2017/Sep/msg00009.htmlMailing List, Third Party Advisory
- https://source.android.com/security/bulletin/2017-09-01Third Party Advisory
- https://support.apple.com/HT208112Third Party Advisory
- https://support.apple.com/HT208113Third Party Advisory
- https://support.apple.com/en-us/HT208112Third Party Advisory
- https://support.apple.com/en-us/HT208113Third Party Advisory
- https://www.exploit-db.com/exploits/42784/Exploit, Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/144328/Broadcom-802.11k-Neighbor-Report-Response-Out-Of-Bounds-Write.htmlExploit, Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/100984Third Party Advisory, VDB Entry
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1289Exploit, Issue Tracking, Third Party Advisory
- https://lists.apple.com/archives/security-announce/2017/Sep/msg00007.htmlMailing List, Third Party Advisory
- https://lists.apple.com/archives/security-announce/2017/Sep/msg00009.htmlMailing List, Third Party Advisory
- https://source.android.com/security/bulletin/2017-09-01Third Party Advisory
- https://support.apple.com/HT208112Third Party Advisory
- https://support.apple.com/HT208113Third Party Advisory
- https://support.apple.com/en-us/HT208112Third Party Advisory
- https://support.apple.com/en-us/HT208113Third Party Advisory
- https://www.exploit-db.com/exploits/42784/Exploit, Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-11120?
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.
How severe is CVE-2017-11120?
Severity scoring for CVE-2017-11120 is pending analysis. The EPSS model estimates a 9.13% probability of exploitation in the next 30 days.
How do I fix CVE-2017-11120?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2017-11120?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST