PT-2020-10085 · Telink Semiconductor · Telink Semiconductor BLE SDK
Published 2020-02-12 · Updated 2020-02-25 · CVE-2019-19196
CVSS v3.1: 6.5 (Medium)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Telink Semiconductor BLE SDK versions prior to November 2019 for TLSR8x5x through 3.4.0
Telink Semiconductor BLE SDK versions prior to November 2019 for TLSR823x through 1.3.0
Telink Semiconductor BLE SDK versions prior to November 2019 for TLSR826x through 3.3
Description
The Bluetooth Low Energy Security Manager Protocol (SMP) implementation accepts a pairing request with a key size greater than 16 bytes, allowing an attacker in radio range to cause a buffer overflow and denial of service via crafted packets.
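The missing bounds check, shown as an added example in C; this is not code from the Telink SDK. The opcode, PDU length, key-size range and failure reason codes follow the Bluetooth Core Specification, while `struct smp_ctx` and `smp_handle_pairing_request` are hypothetical names chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Values from the Bluetooth Core Specification, Security Manager Protocol. */
#define SMP_PAIRING_REQUEST   0x01
#define SMP_PAIRING_REQ_LEN   7      /* opcode + 6 parameter octets */
#define SMP_KEY_SIZE_MIN      7
#define SMP_KEY_SIZE_MAX      16
#define SMP_ERR_NONE          0x00   /* local "accepted" marker, not an SMP reason */
#define SMP_ERR_ENC_KEY_SIZE  0x06   /* Pairing Failed: Encryption Key Size */
#define SMP_ERR_INVALID_PARAM 0x0A   /* Pairing Failed: Invalid Parameters */

/* Hypothetical per-connection state; the key buffer is fixed at 16 bytes. */
struct smp_ctx {
    uint8_t key[SMP_KEY_SIZE_MAX];
    uint8_t key_size;        /* negotiated size, always 7..16 once set */
    uint8_t local_min_size;  /* local policy: smallest key size accepted */
};

/* Returns SMP_ERR_NONE, or the reason code to send in Pairing Failed. */
uint8_t smp_handle_pairing_request(struct smp_ctx *ctx,
                                   const uint8_t *pdu, size_t len)
{
    /* Length is checked first, so pdu is never read when it is too short. */
    if (len != SMP_PAIRING_REQ_LEN || pdu[0] != SMP_PAIRING_REQUEST)
        return SMP_ERR_INVALID_PARAM;

    uint8_t peer_max = pdu[4];   /* Maximum Encryption Key Size field */

    /* Reject anything outside 7..16 before the value is stored or used
       as a length anywhere else in the stack. */
    if (peer_max < SMP_KEY_SIZE_MIN || peer_max > SMP_KEY_SIZE_MAX)
        return SMP_ERR_INVALID_PARAM;
    if (peer_max < ctx->local_min_size)
        return SMP_ERR_ENC_KEY_SIZE;

    ctx->key_size = peer_max;    /* now bounded by sizeof ctx->key */
    memset(ctx->key, 0, sizeof ctx->key);
    return SMP_ERR_NONE;
}
```

On rejection the connection state is left untouched, so a later valid request is still handled normally.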
Recommendations
For Telink Semiconductor BLE SDK versions prior to November 2019 for TLSR8x5x through 3.4.0, update to a version from November 2019 or later.
For Telink Semiconductor BLE SDK versions prior to November 2019 for TLSR823x through 1.3.0, update to a version from November 2019 or later.
For Telink Semiconductor BLE SDK versions prior to November 2019 for TLSR826x through 3.3, update to a version from November 2019 or later.
Buffer Overflow
Affected Products
Telink Semiconductor BLE SDK