The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Broadcom BCM43xx: code execution via Wi-Fi

Synthesis of the vulnerability 

An attacker can use a vulnerability via Wi-Fi of Broadcom BCM43xx, in order to run code.
Vulnerable systems: iOS by Apple, iPhone, Mac OS X, Debian, Fedora, Android OS, Chrome, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Opera.
Severity of this threat: 3/4.
Creation date: 20/07/2017.
Références of this weakness: APPLE-SA-2017-07-19-1, APPLE-SA-2017-07-19-2, Broadpwn, CERTFR-2017-AVI-244, CVE-2017-9417, DLA-1573-1, FEDORA-2017-355ac8a91a, FEDORA-2017-a253644369, HT207922, VIGILANCE-VUL-23300.

Description of the vulnerability 

An attacker can use a vulnerability via Wi-Fi of Broadcom BCM43xx, in order to run code.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat bulletin impacts software or systems such as iOS by Apple, iPhone, Mac OS X, Debian, Fedora, Android OS, Chrome, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Opera.

Our Vigil@nce team determined that the severity of this computer threat bulletin is important.

The trust level is of type confirmed by the editor, with an origin of radio connection.

An attacker with a expert ability can exploit this computer threat.

Solutions for this threat 

Android OS: patches 2017-07-01 and 2017-07-05.
A patch is indicated in information sources.

Apple iOS: version 10.3.3.
The version 10.3.3 is fixed:
  https://www.apple.com/

Apple macOS: version 10.12.6.
The version 10.12.6 is fixed:
  https://www.apple.com/

Chrome OS: version 60.0.3112.80.
The version 60.0.3112.80 is fixed:
  https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-chrome-os.html

Debian 8: new firmware-nonfree packages.
New packages are available:
  Debian 8: firmware-nonfree 20161130-4~deb8u1

Fedora 26: new linux-firmware packages.
New packages are available:
  Fedora 26: linux-firmware 20171126-80.git17e62881.fc26
  Fedora 27: linux-firmware 20171126-80.git17e62881.fc27

Opera: version 47.0.2631.55.
The version 47.0.2631.55 is fixed:
  https://www.opera.com/

Windows: patch of September 2017.
A patch is indicated in information sources.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a networks vulnerabilities bulletin. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.