PT-2020-9912 · Nxp · Nxp Sdk For Kw41Z
Published
2020-02-12
·
Updated
2022-11-02
·
CVE-2019-17519
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NXP SDK for KW41Z devices versions through 2.2.1
Description
The Bluetooth Low Energy implementation does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet.
Recommendations
For versions through 2.2.1, consider restricting access to the Bluetooth Low Energy functionality until a patch is available to properly restrict the Link Layer payload length and prevent buffer overflow attacks.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nxp Sdk For Kw41Z