CVE-2017-9417 Detail Modified This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided. Current Description Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.

View Analysis Description Analysis Description Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. Severity CVSS Version 3.x CVSS Version 2.0



CVSS 3.x Severity and Metrics:

NIST: NVD Base Score: 9.8 CRITICAL Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS 2.0 Severity and Metrics:



NIST: NVD Base Score: 7.5 HIGH Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Weakness Enumeration CWE-ID CWE Name Source NVD-CWE-noinfo Insufficient Information NIST Known Affected Software Configurations Switch to CPE 2.2 CPEs loading, please wait. Denotes Vulnerable Software

Are we missing a CPE here? Please let us know.

Change History 10 change records found show changes CWE Remap 10/02/2019 8:3:26 PM Action Type Old Value New Value Changed CWE CWE-284



NVD-CWE-noinfo



CVE Modified by MITRE 5/14/2019 12:29:00 PM Action Type Old Value New Value Added Reference https://seclists.org/bugtraq/2019/May/30 [No Types Assigned]



CVE Modified by MITRE 5/14/2019 12:29:02 AM Action Type Old Value New Value Added Reference https://support.apple.com/kb/HT210121 [No Types Assigned]



CVE Modified by MITRE 5/13/2019 5:29:00 PM Action Type Old Value New Value Added Reference http://seclists.org/fulldisclosure/2019/May/24 [No Types Assigned]



CVE Modified by MITRE 11/13/2018 6:29:22 AM Action Type Old Value New Value Added Reference https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html [No Types Assigned]



CVE Modified by MITRE 9/13/2017 9:29:08 PM Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1039330 [No Types Assigned]



Added Reference https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-9417 [No Types Assigned]



CVE Modified by MITRE 7/20/2017 9:29:01 PM Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1038950 [No Types Assigned]



CVE Modified by MITRE 7/12/2017 9:29:04 PM Action Type Old Value New Value Added Reference https://source.android.com/security/bulletin/2017-07-01 [No Types Assigned]



CVE Modified by MITRE 7/10/2017 9:33:48 PM Action Type Old Value New Value Added Reference http://www.securityfocus.com/bid/99482 [No Types Assigned]



Initial Analysis 6/12/2017 10:22:11 AM Action Type Old Value New Value Added CPE Configuration AND OR *cpe:2.3:o:broadcom:bcm43xx_wi-fi_chipset_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:broadcom:bcm4354_wi-fi_chipset:-:*:*:*:*:*:*:* cpe:2.3:h:broadcom:bcm4358_wi-fi_chipset:-:*:*:*:*:*:*:* cpe:2.3:h:broadcom:bcm4359_wi-fi_chipset:-:*:*:*:*:*:*:*



Added CVSS V2 (AV:N/AC:L/Au:N/C:P/I:P/A:P)



Added CVSS V3 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H



Added CWE CWE-284



Changed Reference Type https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets No Types Assigned



https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets Technical Description, Third Party Advisory



Quick Info CVE Dictionary Entry:

CVE-2017-9417

NVD Published Date:

06/04/2017

NVD Last Modified:

10/02/2019

Source:

MITRE

