CVE-2021-34150
First published: Tue Sep 07 2021(Updated: )
The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bluetrum Ab5301a Firmware | ||
| Bluetrum AB5301A |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-34150.
What is the affected software?
The affected software is Bluetrum Ab5301a Firmware.
What is the severity of CVE-2021-34150?
The severity of CVE-2021-34150 is medium with a CVSS score of 6.5.
How does CVE-2021-34150 impact Bluetrum AB5301A devices?
CVE-2021-34150 allows attackers in radio range to prevent new Bluetooth connections, disabling the AB5301A inquiry.
How can I fix CVE-2021-34150?
To fix CVE-2021-34150, it is recommended to update the firmware of Bluetrum AB5301A devices to a version that properly handles oversized DM1 LMP packets.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/bluetrum
- canonical/bluetrum ab5301a firmware
- canonical/bluetrum ab5301a