Vulnerability: Improper Restriction of LMP Commands Execution

Vulnerability: Improper Restriction of LMP Commands Execution

CVE-2018-19860 · MEDIUM Severity

AV:A/AC:L/AU:N/C:P/I:P/A:P

Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.

Learn more about our Web Application Penetration Testing UK.