CVE-2018-19860 Information

Description

Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecified other devices does not properly restrict LMP commands and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.

CVSS Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://seclists.org/fulldisclosure/2019/Aug/11
http://seclists.org/fulldisclosure/2019/Jul/22
https://seclists.org/bugtraq/2019/Aug/21
https://source.android.com/security/bulletin/2019-05-01
https://support.apple.com/kb/HT210348
https://www.broadcom.com/support/resources/product-security-center

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

8.8

Base Severity

HIGH
