PT-2024-23613 · Unknown · Zephyr Rtos

Xiaobye-Ctf · Published 2024-03-28 · Updated 2024-04-05 · CVE-2024-3077

CVSS v3.1: 6.8 Medium

Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions

Zephyr RTOS versions prior to 3.6

Description

The issue allows a malicious BLE device to crash a BLE victim device by sending a malformed GATT packet. This can be exploited for local attacks. Network segmentation can help mitigate the risk until an update is applied.

Recommendations

For Zephyr RTOS versions prior to 3.6, patch or upgrade immediately to prevent local attacks. Ensure network segmentation to mitigate risk until updated. As a temporary workaround, consider restricting access to BLE devices to minimize the risk of exploitation.

Fix

Buffer Over-read

Integer Underflow

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2024-3077
GHSA-GMFV-4VFH-2MH8

Affected Products

Zephyr Rtos