Google published the monthly security update for Android devices, it warned of a serious flaw, dubbed BroadPWN, in some Broadcom Wi-Fi chipsets that potentially impacts millions of Android devices, as well as some iPhone models.
BroadPwn is a critical remote code execution vulnerability, tracked as CVE-2017-3544, that affects the Broadcom BCM43xx family of WiFi chipsets. Remote attackers can trigger the flaw without user interaction to execute malicious code on vulnerable devices with kernel privileges.
“The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process.,” reads the Google July 2017 Android Security Bulletin.
The BroadPwn issue was reported by the Exodus Intelligence expert Nitay Artenstein, he will present the analysis at the Next Black Hat 2017 conference.
“Meet Broadpwn, a vulnerability in Broadcom’s Wi-Fi chipsets which affects millions of Android and iOS devices, and can be triggered remotely, without user interaction. The Broadcom BCM43xx family of Wi-Fi chips is found in an extraordinarily wide range of mobile devices – from various iPhone models, to HTC, LG, Nexus and practically the full range of Samsung flagship devices.
“In this talk, we’ll take a deep dive into the internals of the BCM4354, 4358 and 4359 Wi-Fi chipsets, and explore the workings of the mysterious, closed-source HNDRTE operating system. Then, we’ll plunge into the confusing universe of 802.11 standards in a quest to find promising attack surfaces.” states the abstract of the talk.
Google also patched 10 critical RCEs and more than 100 high and moderate issues. The company also fixed several critical flaws affecting the Android Mediaserver process, some of them could be exploited by a remote attacker to perform code execution.An input validation flaw in the libhevc library, tracked as CVE-2017-0540, can be exploited by using a specifically crafted file.
“A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33966031.” reads the vulnerability description.
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and…
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL…
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations.…
This website uses cookies.