| ID |
CVE-2021-34147
|
| Sažetak |
The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing attackers to exhaust device BT resources and eventually trigger a crash via multiple attempts of sending a crafted LMP timing accuracy response followed by a sudden reconnection with a random BDAddress. |
| Reference |
|
| CVSS |
| Base: | 6.1 |
| Impact: | 6.9 |
| Exploitability: | 6.5 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| ADJACENT_NETWORK |
LOW |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
NONE |
COMPLETE |
|
| CVSS vektor |
AV:A/AC:L/Au:N/C:N/I:N/A:C |
| Zadnje važnije ažuriranje |
14-09-2021 - 15:15 |
| Objavljeno |
07-09-2021 - 07:15 |