Synology-SA-17:30 Broadpwn

Abstract

CVE-2017-9417 could allow remote attackers to cause a denial of service attack or arbitrary code execution on the vulnerable server.

To prevent suffering an attack, should ensure that the device is connected to a trusted WiFi network on client mode.

Severity

• Impact: Critical
• CVSS3 Base Score: 9.8
• CVSS3 Base Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected

• Products
  • SRM 1.1
• Models
  • RT1900ac

Description

Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.

Mitigation

None

Update Availability

To fix the security issue, please update SRM 1.1 to 1.1.4-6509-03 or above.

Reference

• http://boosterok.com/blog/broadpwn/
• http://boosterok.com/blog/broadpwn2/
• http://www.freebuf.com/news/139773.html