CVE-2017-9647: CVE-2017-9647

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-9647

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti 2014-2016 QX60 Hybrid, Infiniti 2014-2015 QX50, Infiniti 2014-2015 QX50 Hybrid, Infiniti 2013 M37/M56, Infiniti 2014-2016 Q70, Infiniti 2014-2016 Q70L, Infiniti 2015-2016 Q70 Hybrid, Infiniti 2013 QX56, Infiniti 2014-2016 QX 80, and Nissan 2011-2015 Leaf. An attacker with a physical connection to the TCU may exploit a buffer overflow condition that exists in the processing of AT commands. This may allow arbitrary code execution on the baseband radio processor of the TCU.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

栈缓冲区溢出

Source: NVD (National Vulnerability Database)

Vulnerability Title

Continental AG Infineon S-Gold 2 (PMB 8876) chipset 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Continental AG Infineon S-Gold 2 (PMB 8876) chipset是德国Continental AG（Conti）公司生产的一个应用在汽车中的远程信息处理控制单元。 Continental AG Infineon S-Gold 2 (PMB 8876) chipset中的telematics control modules (TCUs)存在基于栈的缓冲区溢出漏洞。攻击者可通过连接TCU利用该漏洞执行任意代码。以下汽车型号受到影响：BMW several models p

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Continental AG Infineon S-Gold 2 (PMB 8876)	Continental AG Infineon S-Gold 2 (PMB 8876)	-

II. Public POCs for CVE-2017-9647

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-9647

Please Login to view more intelligence information

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-01x_refsource_MISC
http://www.securityfocus.com/bid/100132vdb-entryx_refsource_BID
https://nvd.nist.gov/vuln/detail/CVE-2017-9647

IV. Related Vulnerabilities

Same product: Continental AG Infineon S-Gold 2 (PMB 8876)

CVE-2017-9633
Continental AG Infineon S-Gold 2 (PMB 8876) chipset 安全漏洞

Same vendor: n/a

Same weakness: CWE-121

V. Comments for CVE-2017-9647

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2017-9647

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-9647

III. Intelligence Information for CVE-2017-9647

IV. Related Vulnerabilities

V. Comments for CVE-2017-9647

Leave a comment