PT-2020-10082 · Texas Instruments · Ble-Stack+1

Published

2020-02-10

Updated

2020-02-14

CVE-2019-19193

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Texas Instruments SIMPLELINK-CC2640R2-SDK versions 3.30.00.20 and earlier Texas Instruments BLE-STACK versions 1.5.0 and earlier

Description The Bluetooth Low Energy peripheral implementation does not properly restrict the advertisement connection request packet on reception. This allows attackers in radio range to cause a denial of service via a crafted packet.

Recommendations For Texas Instruments SIMPLELINK-CC2640R2-SDK versions 3.30.00.20 and earlier, update to a version released after Q4 2019 to resolve the issue. For Texas Instruments BLE-STACK versions 1.5.0 and earlier, update to a version released after Q4 2019 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-19193

Affected Products

Ble-Stack

Simplelink-Cc2640R2-Sdk

PT-2020-10082 · Texas Instruments · Ble-Stack+1

CVE-2019-19193

Related Identifiers

Affected Products

References · 4