CVE-2017-9212

Name of the Vulnerable Software and Affected Versions BMW 330i 2011

Description The issue concerns the Bluetooth stack, which allows a remote crash of the CD/Multimedia software. This can be achieved by using %x or %c format string specifiers in a device name.

Recommendations For the BMW 330i 2011, consider restricting the use of Bluetooth devices with specially crafted names to minimize the risk of exploitation. Avoid using the %x or %c format string specifiers in device names until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.