CVE-2019-17520

Sažetak

The Bluetooth Low Energy implementation on Texas Instruments SDK through 3.30.00.20 for CC2640R2 devices does not properly restrict the SM Public Key packet on reception, allowing attackers in radio range to cause a denial of service (crash) via crafted packets.

Reference

http://www.ti.com/tool/LAUNCHXL-CC2640R2
https://asset-group.github.io/disclosures/sweyntooth/
https://www.youtube.com/watch?v=Iw8sIBLWE_w

CVSS

Base:	6.1
Impact:	6.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:A/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

14-02-2020 - 18:10

Objavljeno

10-02-2020 - 21:51