CVE-2018-19860
8.8
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD
Description
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.
Affected (63)
Products: Broadcom: Bcm4335c0 Firmware, Bcm43438a1 Firmware · Cypress: Cyw20702a1kwfbg Firmware, Cyw20702a1kwfbgt Firmware, Cyw20702b0kwfbg Firmware, Cyw20702b0kwfbgt Firmware, Cyw20703ua1kffb1g Firmware, Cyw20703ua1kffb1gt Firmware, Cyw20704ua1kffb1g Firmware, Cyw20704ua1kffb1gt Firmware, Cyw20704ua2kffb1g Firmware, Cyw20704ua2kffb1gt Firmware, Cyw20705a1kwfbgt Firmware, Cyw20705b0kwfbg Firmware, Cyw20705b0kwfbgt Firmware, Cyw20706ua1kffb1g Firmware, Cyw20706ua1kffb1gt Firmware, Cyw20706ua1kffb4g Firmware, Cyw20706ua2kffb4g Firmware, Cyw20706ua2kffb4gt Firmware, Cyw20707a2kubgt Firmware, Cyw20707ua1kffb1g Firmware, Cyw20707ua1kffb4g Firmware, Cyw20707ua1kffb4gt Firmware, Cyw20707ua2kffb4g Firmware, Cyw20707ua2kffb4gt Firmware, Cyw20707va1pkwbgt Firmware, Cyw20707va2pkwbgt Firmware, Cyw20730a1kfbg Firmware, Cyw20730a1kfbgt Firmware, Cyw20730a1kml2g Firmware, Cyw20730a1kml2gt Firmware, Cyw20730a1kmlg Firmware, Cyw20730a1kmlgt Firmware, Cyw20730a2kfbg Firmware, Cyw20730a2kfbgt Firmware, Cyw20730a2kml2g Firmware, Cyw20730a2kml2gt Firmware, Cyw20733a1kfb1gt Firmware, Cyw20733a2kfb1g Firmware, Cyw20733a2kfb1gt Firmware, Cyw20733a2kml1g Firmware, Cyw20733a2kml1gt Firmware, Cyw20733a3kfb1g Firmware, Cyw20733a3kfb1gt Firmware, Cyw20733a3kfb2gt Firmware, Cyw20733a3kml1g Firmware, Cyw20733a3kml1gt Firmware, Cyw20734ua1kffb3g Firmware, Cyw20734ua1kffb3gt Firmware, Cyw20734ua2kffb3g Firmware, Cyw20734ua2kffb3gt Firmware, Cyw43438kubgt Firmware, Cyw4343w1kubgt Firmware, Cyw4343wkubgt Firmware, Cyw4343wkwbgt Firmware, Cyw4354kkwbgt Firmware, Cyw4354xkubgt Firmware, Cyw89071a1cubxgt Firmware, Cyw89072brfb5g Firmware, Cyw89072brfb5gt Firmware, Cyw89335l2cubgt Firmware, Cyw89335lcubgt Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2012-12-11 |
| Running on/with | Platform Versions |
|---|---|
Broadcom Bcm4335c0 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2014-06-02 |
| Running on/with | Platform Versions |
|---|---|
Broadcom Bcm43438a1 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20702a1kwfbg | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20702a1kwfbgt | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20702b0kwfbg | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20702b0kwfbgt | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20703ua1kffb1g | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20703ua1kffb1gt | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20704ua1kffb1g | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20704ua1kffb1gt | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20704ua2kffb1g | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20704ua2kffb1gt | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20705a1kwfbgt | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20705b0kwfbg | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20705b0kwfbgt | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20706ua1kffb1g | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20706ua1kffb1gt | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20706ua1kffb4g | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20706ua2kffb4g | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20706ua2kffb4gt | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707a2kubgt | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707ua1kffb1g | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707ua1kffb4g | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707ua1kffb4gt | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707ua2kffb4g | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707ua2kffb4gt | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707va1pkwbgt | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20707va2pkwbgt | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a1kfbg | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a1kfbgt | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a1kml2g | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a1kml2gt | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a1kmlg | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a1kmlgt | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a2kfbg | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a2kfbgt | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a2kml2g | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20730a2kml2gt | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a1kfb1gt | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a2kfb1g | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a2kfb1gt | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a2kml1g | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a2kml1gt | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a3kfb1g | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a3kfb1gt | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a3kfb2gt | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a3kml1g | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20733a3kml1gt | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20734ua1kffb3g | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20734ua1kffb3gt | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20734ua2kffb3g | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw20734ua2kffb3gt | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw43438kubgt | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw4343w1kubgt | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw4343wkubgt | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw4343wkwbgt | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw4354kkwbgt | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw4354xkubgt | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw89071a1cubxgt | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw89072brfb5g | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw89072brfb5gt | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw89335l2cubgt | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cypress Cyw89335lcubgt | All versions |
References (12)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.