Vulnerability CVE-2017-9212
Published: 2017-05-23

Description:
The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name.

Type:

CWE-134

 (Uncontrolled Format String)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Bavarian motor works -> Bluetooth stack 

 References:
https://twitter.com/__Obzy__/status/864704956116254720
Copyright 2024, cxsecurity.com

 

Back to Top