CVE-2019-19193

Published: Feb 10, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.

Affected (2)

Products: Ti: Ble Stack, Cc2640r2 Software Development Kit

2 products

Cc2640r2 Software Development Kit

Configuration A

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Ti Ble Stack	Up to 1.5.0
Ti Cc2640r2 Software Development Kit	Up to 3.30.00.20

Running on/with	Platform Versions
Ti Cc2540/1	Before q4_2019
Ti Cc2640r2	Before q4_2019

References (4)

http://www.ti.com/tool/BLE-STACK

Source: cve@mitre.org

Vendor Advisory

https://asset-group.github.io/disclosures/sweyntooth/

Source: cve@mitre.org

Third Party Advisory

http://www.ti.com/tool/BLE-STACK

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://asset-group.github.io/disclosures/sweyntooth/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.