CVE-2020-13594

Name of the Vulnerable Software and Affected Versions Espressif ESP-IDF versions 4.2 and earlier

Description The issue is related to the Bluetooth Low Energy (BLE) controller implementation, which does not properly restrict the channel map field of the connection request packet on reception. This allows attackers in radio range to cause a denial of service (crash) via a crafted packet.

Recommendations For Espressif ESP-IDF versions 4.2 and earlier, consider restricting or disabling the BLE functionality until a patch is available to prevent potential denial of service attacks.