Sign-up

ID

VAR-201709-0926


CVE

CVE-2017-0792


TITLE

Android of Broadcom Wi-Fi Information disclosure vulnerability in driver

Trust: 0.8

sources: JVNDB: JVNDB-2017-007717

DESCRIPTION

A information disclosure vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37305578. References: B-V2017052301. This vulnerability Android ID: A-37305578 and Broadcom B-V2017052301 It is published asInformation may be obtained. Google Android is prone to multiple security vulnerabilities. An attacker can leverage these issues to execute arbitrary code, gain sensitive information or gain elevated privileges. Failed exploit attempts may result in a denial of service condition

Trust: 1.98

sources: NVD: CVE-2017-0792 // JVNDB: JVNDB-2017-007717 // BID: 100655 // VULMON: CVE-2017-0792

IOT TAXONOMY

category:['other device']sub_category:general

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:7.1.2

Trust: 1.6

vendor:googlemodel:androidscope: - version: -

Trust: 0.8

vendor:googlemodel:pixel xlscope:eqversion:0

Trust: 0.3

vendor:googlemodel:pixel cscope:eqversion:0

Trust: 0.3

vendor:googlemodel:pixelscope:eqversion:0

Trust: 0.3

vendor:googlemodel:nexus playerscope:eqversion:0

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:9

Trust: 0.3

vendor:googlemodel:nexus 6pscope: - version: -

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:6

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:5x

Trust: 0.3

vendor:googlemodel:androidscope:eqversion:0

Trust: 0.3

sources: BID: 100655 // JVNDB: JVNDB-2017-007717 // CNNVD: CNNVD-201709-305 // NVD: CVE-2017-0792

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-0792
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-0792
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201709-305
value: LOW

Trust: 0.6

VULMON: CVE-2017-0792
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2017-0792
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2017-0792
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULMON: CVE-2017-0792 // JVNDB: JVNDB-2017-007717 // CNNVD: CNNVD-201709-305 // NVD: CVE-2017-0792

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2017-007717 // NVD: CVE-2017-0792

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201709-305

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201709-305

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-007717

PATCH
title:Android Security Bulletin-September 2017url:https://source.android.com/security/bulletin/2017-09-01
Trust: 0.8
title:Android Broadcom Wi-Fi Fixes for driver permission and access control vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74633
Trust: 0.6
title:Android Security Bulletins: Android Security Bulletin—September 2017url:https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=45d9f825c1db6d21aee6f02c00c607a0
Trust: 0.1
sources:
            
            
            VULMON: CVE-2017-0792 // 
            
            
            
            JVNDB: JVNDB-2017-007717 // 
            
            
            
            CNNVD: CNNVD-201709-305

EXTERNAL IDS
db:NVDid:CVE-2017-0792
Trust: 2.9
db:BIDid:100655
Trust: 2.0
db:JVNDBid:JVNDB-2017-007717
Trust: 0.8
db:CNNVDid:CNNVD-201709-305
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
db:VULMONid:CVE-2017-0792
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULMON: CVE-2017-0792 // 
            
            
            
            BID: 100655 // 
            
            
            
            JVNDB: JVNDB-2017-007717 // 
            
            
            
            CNNVD: CNNVD-201709-305 // 
            
            
            
            NVD: CVE-2017-0792

REFERENCES
url:https://source.android.com/security/bulletin/2017-09-01
Trust: 2.0
url:http://www.securityfocus.com/bid/100655
Trust: 1.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0792
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-0792
Trust: 0.8
url:http://code.google.com/android/
Trust: 0.3
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://source.android.com/security/bulletin/2017-09-01.html
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULMON: CVE-2017-0792 // 
            
            
            
            BID: 100655 // 
            
            
            
            JVNDB: JVNDB-2017-007717 // 
            
            
            
            CNNVD: CNNVD-201709-305 // 
            
            
            
            NVD: CVE-2017-0792

CREDITS
Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.
Trust: 0.3
sources:
            
            
            BID: 100655

SOURCES
db:OTHERid: - 
db:VULMONid:CVE-2017-0792
db:BIDid:100655
db:JVNDBid:JVNDB-2017-007717
db:CNNVDid:CNNVD-201709-305
db:NVDid:CVE-2017-0792

LAST UPDATE DATE
2025-04-20T19:56:30.390000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2017-0792date:2017-09-12T00:00:00
db:BIDid:100655date:2017-09-05T00:00:00
db:JVNDBid:JVNDB-2017-007717date:2017-10-02T00:00:00
db:CNNVDid:CNNVD-201709-305date:2017-09-11T00:00:00
db:NVDid:CVE-2017-0792date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:VULMONid:CVE-2017-0792date:2017-09-08T00:00:00
db:BIDid:100655date:2017-09-05T00:00:00
db:JVNDBid:JVNDB-2017-007717date:2017-10-02T00:00:00
db:CNNVDid:CNNVD-201709-305date:2017-09-11T00:00:00
db:NVDid:CVE-2017-0792date:2017-09-08T20:29:01.413