CVE-2019-17061

Published: Feb 10, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame.

Affected (1)

Products: Cypress: Psoc 4 Ble

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cypress Psoc 4 Ble	Up to 3.62

Running on/with	Platform Versions
Cypress Psoc 4	All versions

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (6)

https://asset-group.github.io/disclosures/sweyntooth/

Source: cve@mitre.org

Third Party Advisory

https://community.cypress.com/thread/53680

Source: cve@mitre.org

Vendor Advisory

https://www.cypress.com/products/ble-bluetooth

Source: cve@mitre.org

Vendor Advisory

https://asset-group.github.io/disclosures/sweyntooth/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://community.cypress.com/thread/53680

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.cypress.com/products/ble-bluetooth

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.