Format String Bug in Modem Interface Driver: Vulnerability Exploitation via Radio Permission

Format String Bug in Modem Interface Driver: Vulnerability Exploitation via Radio Permission

CVE-2021-25489 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

Learn more about our Web Application Penetration Testing UK.