Lucene search

MitreCVE-2017-9212

HistoryMay 23, 2017 - 2:29 p.m.

CVE-2017-9212

2017-05-2314:29:00

CWE-134

mitre

web.nvd.nist.gov

cve-2017-9212

bmw 330i 2011

bluetooth

stack

remote crash

format string

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

47.6%

JSON

The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name.

Affected configurations

Nvd

Node

bavarian_motor_worksbluetooth_stackMatch-2011_bmw_330i

VendorProductVersionCPE
bavarian_motor_worksbluetooth_stack-cpe:2.3:a:bavarian_motor_works:bluetooth_stack:-:*:*:*:*:*:2011_bmw_330i:*

Vendor	Product	Version	CPE
bavarian_motor_works	bluetooth_stack	-	cpe:2.3:a:bavarian_motor_works:bluetooth_stack:-::::::2011_bmw_330i:

References

twitter.com/__Obzy__/status/864704956116254720

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

47.6%

JSON

Related for CVE-2017-9212