Format String Bug in Modem Interface Driver: Vulnerability Exploitation via Radio Permission
CVE-2021-25489 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
Learn more about our Web Application Penetration Testing UK.