CVE-2018-16986

Sažetak

Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.

Reference

http://e2e.ti.com/support/wireless-connectivity/bluetooth/f/538/t/742827
http://www.securityfocus.com/bid/105812
http://www.securitytracker.com/id/1042018
https://armis.com/bleedingbit/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap
https://www.kb.cert.org/vuls/id/317277

CVSS

Base:	5.8
Impact:	6.4
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:A/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

06-11-2018 - 15:29