Published: 31/07/2018 Updated: 03/10/2018

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 695

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network malicious user to create a denial of service via crafted network traffic.

Vulnerable Product	Search on Vulmon	Subscribe to Product
intel puma_firmware 5.0
intel puma_firmware 6.0_soc
intel puma_firmware 7.0_soc

lunnovadev Usable Projects import-ynab Automatic data import for YNAB budgeting tool For Revolut or UK truelayer users only TickProfiler Performance profiler for modded minecraft servers with releases for 147 through 112 TickThreading Threading/performance enhancement for modded minecraft Only has workable released versions for 147 nixos-configs Infrastructure as Co

CVE-2017-5693 Denial of service vulnerability in Puma 6 modems

Puma 6 fail demo Tool to demonstrate issue from this post found by mackey: wwwdslreportscom/forum/r31377755- Proof of concept code is already public elsewhere See CVE-2017-5693 DoS occurs in either direction - UDP from LAN to WAN or WAN to LAN Testing through a local Virgin Media Super Hub 3 modem: 1mbps/2000pps causes ~20ms average latency rise with 200 maximum

CVE-2017-5693 Denial of service vulnerability in Puma 6 modems

Puma 6 fail demo Tool to demonstrate issue from this post found by mackey: wwwdslreportscom/forum/r31377755- Proof of concept code is already public elsewhere See CVE-2017-5693 DoS occurs in either direction - UDP from LAN to WAN or WAN to LAN Testing through a local Virgin Media Super Hub 3 modem: 1mbps/2000pps causes ~20ms average latency rise with 200 maximum

Intel finally emits Puma 1Gbps modem fixes – just as new ping-of-death bug emerges

The Register • Shaun Nichols in San Francisco • 14 Aug 2018

Broadband-throttling bug finally gets a write-up and CVE Intel Pumageddon: Broadband chip bug haunts Chipzilla's past, present and future

More than 18 months after the design blunder was first brought to light, Intel is still working to iron out the creases in its Puma high-speed broadband modem chipsets. In recent weeks, Chipzilla quietly put out an advisory as well as finally confirming a formal CVE entry – CVE-2017-5693 – for the security vulnerability. When exploited by miscreants, this flaw causes Puma 5, 6, and 7 modem components – used in various high-speed broadband gateways – to suffer performance-wise. A particul...

CVE-2017-5693

Vulnerability Summary

Vulnerability Trend

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect