Описание
The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.1 (включая)
Одновременно
cpe:2.3:a:st:wb55:*:*:*:*:*:*:*:*
cpe:2.3:h:st:wb55:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.3.1 (включая)
Одновременно
cpe:2.3:a:st:bluenrg-2:*:*:*:*:*:*:*:*
cpe:2.3:h:st:bluenrg-2:-:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00089
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.
EPSS
Процентиль: 26%
0.00089
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-20