CVE-2019-17520
First published: Mon Feb 10 2020(Updated: )
The Bluetooth Low Energy implementation on Texas Instruments SDK through 3.30.00.20 for CC2640R2 devices does not properly restrict the SM Public Key packet on reception, allowing attackers in radio range to cause a denial of service (crash) via crafted packets.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ti Cc2640r2 Software Development Kit | <=3.30.00.20 | |
| Ti Cc2640r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-17520.
What is the severity level of CVE-2019-17520?
CVE-2019-17520 has a severity level of 6.5 (medium).
Which devices are affected by this vulnerability?
The Texas Instruments CC2640R2 devices with software development kit (SDK) version 3.30.00.20 are affected by this vulnerability.
How can an attacker exploit this vulnerability?
An attacker within radio range can exploit this vulnerability by sending crafted packets to cause a denial of service (crash) on the affected devices.
Are there any known fixes or patches available for this vulnerability?
At the moment, there is no known fix or patch available for this vulnerability. It is recommended to follow the guidance provided by Texas Instruments and stay updated on any official announcements or recommendations regarding this vulnerability.
- collector/nvd-index
- agent/references
- agent/type
- agent/event
- agent/tags
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/ti
- canonical/ti cc2640r2 software development kit
- version/ti cc2640r2 software development kit/3.30.00.20
- canonical/ti cc2640r2