Broadcom Wi-Fi chips embedded in Android and iOS devices are vulnerable to a bug that allows an attacker to execute code on their devices, without any interaction needed from the user. The bug was discovered by security researcher Nitay Artenstein, nicknamed Broadpwn, and tracked as CVE-2017-9417. Google included a fix for this issue in the Android Security Bulletin for July 2017, released this week, on July 5. The attacker doesn’t need any user interaction to exploit the feature.
Source: https://www.bleepingcomputer.com/news/security/broadpwn-bug-affects-millions-of-android-and-ios-devices/