CVE-2019-19192: Input Validation
First published: Wed Feb 12 2020(Updated: )
The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| St Wb55 | <=1.3.1 | |
| St Wb55 | ||
| St Bluenrg-2 | <=1.3.1 | |
| St Bluenrg-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-19192?
CVE-2019-19192 is a vulnerability in the Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices.
How does CVE-2019-19192 affect St Wb55?
CVE-2019-19192 affects St Wb55 devices with BLE Stack versions up to 1.3.1.
How does CVE-2019-19192 affect St Bluenrg-2?
CVE-2019-19192 affects St Bluenrg-2 devices with BLE Stack versions up to 1.3.1.
What is the severity of CVE-2019-19192?
CVE-2019-19192 has a severity rating of medium, with a CVSS score of 6.5.
How can I mitigate the CVE-2019-19192 vulnerability?
There is no known mitigation for CVE-2019-19192 at this time, please refer to the vendor for any available patches or updates.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/event
- agent/references
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/st
- canonical/st wb55
- version/st wb55/1.3.1
- canonical/st bluenrg-2
- version/st bluenrg-2/1.3.1