CVE-2017-0705

MEDIUM

Android - Elevation of Privilege in Broadcom Wi-Fi Driver

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0705. PoCs published by ScottyBauer.

AI-analyzed exploit summary The provided code is a functional proof-of-concept exploit for CVE-2017-0705, targeting a vulnerability in the Broadcom Wi-Fi driver used in Android devices. It leverages crafted Netlink messages to trigger a buffer overflow in the driver's handling of significant change configurations.

Description

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-34973477. References: B-RB#119898.

Exploits (1)

github WORKING POC 682 stars
by ScottyBauer · cpoc
https://github.com/ScottyBauer/Android_Kernel_CVE_POCs/tree/master/CVE-2017-0705.c

The provided code is a functional proof-of-concept exploit for CVE-2017-0705, targeting a vulnerability in the Broadcom Wi-Fi driver used in Android devices. It leverages crafted Netlink messages to trigger a buffer overflow in the driver's handling of significant change configurations.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Broadcom Wi-Fi driver (Android Kernel)
No auth needed
Prerequisites: Access to a vulnerable Android device with Broadcom Wi-Fi chipset · Root or sufficient permissions to interact with Netlink sockets
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-07-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99482

Scores

CVSS v3 6.8
EPSS 0.0019
EPSS Percentile 8.3%
Attack Vector PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (2)
google/android 7.1.2
Google Inc./Android Android kernel
Published Jul 06, 2017
Tracked Since Feb 18, 2026