21 matches found
EUVD-2017-2759
Malware in sbrugna...
CVE-2025-3461
The CVE-2025-3461 entry concerns Quantenna Wi‑Fi chipsets with an unauthenticated telnet interface enabled by default (CWE-306: Missing Authentication for Critical Function). Affected product: Quantenna Wi‑Fi chipset through SDK version 8.0.0.28. Reported impact: potential unauthorized access via...
CVE-2025-3461 ON Semiconductor Quantenna Telnet Missing Authentication
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. This issue affects Quantenna Wi-Fi chipset through versi...
Kr00k vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips
During the RSA conference of February 26th 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Broadcom Wi-Fi chipsets. This vulnerability is referenced as CVE-2019-15126 and could allow an...
Huawei EulerOS: Security Advisory for linux-firmware (EulerOS-SA-2020-1997)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
A Flaw in Billions of Wi-Fi Chips Let Attackers Decrypt Data
Affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and various Wi-Fi routers...
CVE-2017-11122
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading...
Input validation
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading...
CVE-2017-11122
CVE-2017-11122 affects Broadcom BCM4355C0 Wi‑Fi chips, where ICMPv6 router advertisement offloading can leak information due to insufficient length validation. The description across sources (NVD/NVF, CNVD, SUSE, CVE.org, 0day exploit listing) consistently identifies an information disclosure vul...
Broadcom ICMPv6 Information Leak Vulnerability
Exploit for hardware platform in category dos / poc Broadcom: Information Leak in ICMPv6 Router Advertisement Offloading CVE-2017-11122 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers,...
Stack overflow
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205...
CVE-2017-11120
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204...
Google Researcher Publishes PoC Exploit for Apple iPhone Wi-Fi Chip Hack
You have now another good reason to update your iPhone to newly released iOS 11—a security vulnerability in iOS 10 and earlier now has a working exploit publicly available. Gal Beniamini, a security researcher with Google Project Zero, has discovered a security vulnerability CVE-2017-11120 in...
CVE-2017-9417
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue...
CVE-2017-9417
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue...
CVE-2017-9417
CVE-2017-9417 affects Broadcom BCM43xx Wi‑Fi chips (Broadpwn). Reported as a memory corruption flaw in the Wi‑Fi firmware/chip enabling remote arbitrary code execution by a nearby attacker. Apple security updates reference this CVE in AirPort/Wi‑Fi contexts and list patches (e.g., AirPort/Broadco...
CVE-2012-2619
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service out-of-bounds read and Wi-Fi outage via an RSN 802.11i information element...
Out-of-bounds
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service out-of-bounds read and Wi-Fi outage via an RSN 802.11i information element...
CVE-2012-2619
The CVE-2012-2619 entry concerns a flaw in Broadcom BCM4325/ BCM4329 Wi‑Fi firmware that handles 802.11i information elements. An out-of-bounds read could be triggered by a remote attacker on the same Wi‑Fi network, potentially causing a Wi‑Fi outage or device instability. Apple TV advisories cor...
CVE-2012-2619
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service out-of-bounds read and Wi-Fi outage via an RSN 802.11i information element...