CVE-2021-34174

Description

A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. Any wireless router using BCM4352 and BCM43684 will be affected, such as ASUS AX6100. An attacker may cause a Denial of Service (DoS) to any device connected to BCM4352 or BCM43684 routers via an association or reassociation frame.

Related CPE's

o broadcom bcm4352_firmware -*******

h broadcom bcm4352 -*******

o broadcom bcm43684_firmware -*******

h broadcom bcm43684 -*******

References

https://github.com/E7mer/OWFuzz

ExploitThird Party Advisory

https://github.com/E7mer

Third Party Advisory

CvssV3 impact

BaseSeverity	MEDIUM
ConfidentialityImpact	NONE
AttackComplexity	LOW
Scope	UNCHANGED
AttackVector	PHYSICAL
AvailabilityImpact	HIGH
IntegrityImpact	NONE
PrivilegesRequired	NONE
BaseScore	4.6
VectorString	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version	3.1
UserInteraction	NONE

CvssV2 impact

AccessComplexity	LOW
ConfidentialityImpact	NONE
AvailabilityImpact	COMPLETE
IntegrityImpact	NONE
BaseScore	4.9
VectorString	AV:L/AC:L/Au:N/C:N/I:N/A:C
Version	2.0
AccessVector	LOCAL
Authentication	NONE

Created by Yello

About Severity.io