The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: Nexus device

Millions Of Smartphones Using Broadcom Wi-Fi Chip Can Be Hacked Over-the-Air

Millions Of Smartphones Using Broadcom Wi-Fi Chip Can Be Hacked Over-the-Air

April 05, 2017Swati Khandelwal
Millions of smartphones and smart gadgets, including Apple iOS and many Android handsets from various manufacturers, equipped with Broadcom Wifi chips are vulnerable to over-the-air hijacking without any user interaction. Just yesterday, Apple rushed out an emergency iOS 10.3.1 patch update to address a serious bug that could allow an attacker within same Wifi network to remotely execute malicious code on the Broadcom WiFi SoC (Software-on-Chip) used in iPhones, iPads, and iPods. The vulnerability was described as the stack buffer overflow issue and was discovered by Google's Project Zero staffer Gal Beniamini, who today detailed his research on a lengthy blog post , saying the flaw affects not only Apple but all those devices using Broadcom's Wi-Fi stack. Beniamini says this stack buffer overflow issue in the Broadcom firmware code could lead to remote code execution vulnerability, allowing an attacker in the smartphone's WiFi range to send and execute code on th
Google releases Security Patch for Android Stagefright 2.0 Vulnerability

Google releases Security Patch for Android Stagefright 2.0 Vulnerability

October 06, 2015Wang Wei
Google reportedly fixed the latest round of Stagefright vulnerabilities in Android, pushing its latest over-the-air (OTA) update to Nexus devices. Last week, researchers warned of Stagefright 2.0 vulnerability that affected more than one Billion Android devices dating back to the latest versions of the Android operating system. The Stagefright bugs allowed hackers to take control of affected Android devices by sending a malicious audio or video file. In April, Zimperium researchers disclosed the first Stagefright vulnerability that allowed hackers to hijack any Android smartphones with just a simple text message ( exploit code ). As promised, Google on Monday pushed a patch that fixes the holes in Stagefright media playback engine used by Android to process, record and play multimedia files such as PDFs. The patch fixes 30 vulnerabilities in total, which includes: 14 critical vulnerabilities in Stagefright library 5 Remote Code Execution bugs 8 Eleva
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.