Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2018-19860

Disclosure Date: June 07, 2019 •

CVE-2018-19860 CVSS v3 Base Score: 8.8

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

8.8 High

Impact Score:

5.9

Exploitability Score:

2.8

Vector:

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Adjacent_network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

broadcom,
cypress

Products

bcm4335c0 firmware 2012-12-11,
bcm43438a1 firmware 2014-06-02,
cyw20702a1kwfbg firmware -,
cyw20702a1kwfbgt firmware -,
cyw20702b0kwfbg firmware -,
cyw20702b0kwfbgt firmware -,
cyw20703ua1kffb1g firmware -,
cyw20703ua1kffb1gt firmware -,
cyw20704ua1kffb1g firmware -,
cyw20704ua1kffb1gt firmware -,
cyw20704ua2kffb1g firmware -,
cyw20704ua2kffb1gt firmware -,
cyw20705a1kwfbgt firmware -,
cyw20705b0kwfbg firmware -,
cyw20705b0kwfbgt firmware -,
cyw20706ua1kffb1g firmware -,
cyw20706ua1kffb1gt firmware -,
cyw20706ua1kffb4g firmware -,
cyw20706ua2kffb4g firmware -,
cyw20706ua2kffb4gt firmware -,
cyw20707a2kubgt firmware -,
cyw20707ua1kffb1g firmware -,
cyw20707ua1kffb4g firmware -,
cyw20707ua1kffb4gt firmware -,
cyw20707ua2kffb4g firmware -,
cyw20707ua2kffb4gt firmware -,
cyw20707va1pkwbgt firmware -,
cyw20707va2pkwbgt firmware -,
cyw20730a1kfbg firmware -,
cyw20730a1kfbgt firmware -,
cyw20730a1kml2g firmware -,
cyw20730a1kml2gt firmware -,
cyw20730a1kmlg firmware -,
cyw20730a1kmlgt firmware -,
cyw20730a2kfbg firmware -,
cyw20730a2kfbgt firmware -,
cyw20730a2kml2g firmware -,
cyw20730a2kml2gt firmware -,
cyw20733a1kfb1gt firmware -,
cyw20733a2kfb1g firmware -,
cyw20733a2kfb1gt firmware -,
cyw20733a2kml1g firmware -,
cyw20733a2kml1gt firmware -,
cyw20733a3kfb1g firmware -,
cyw20733a3kfb1gt firmware -,
cyw20733a3kfb2gt firmware -,
cyw20733a3kml1g firmware -,
cyw20733a3kml1gt firmware -,
cyw20734ua1kffb3g firmware -,
cyw20734ua1kffb3gt firmware -,
cyw20734ua2kffb3g firmware -,
cyw20734ua2kffb3gt firmware -,
cyw43438kubgt firmware -,
cyw4343w1kubgt firmware -,
cyw4343wkubgt firmware -,
cyw4343wkwbgt firmware -,
cyw4354kkwbgt firmware -,
cyw4354xkubgt firmware -,
cyw89071a1cubxgt firmware -,
cyw89072brfb5g firmware -,
cyw89072brfb5gt firmware -,
cyw89335l2cubgt firmware -,
cyw89335lcubgt firmware -

References

Rapid7

Unknown

CVE-2018-19860

Unknown

Unknown

None

None

Adjacent_network

CVE-2018-19860

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2018-19860

Unknown

Unknown

None

None

Adjacent_network

CVE-2018-19860

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification