Vulnerabilities > CVE-2019-19193 - Unspecified vulnerability in TI Ble-Stack and Cc2640R2 Software Development KIT

CVSS 6.1 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

low complexity

NVD

Published: 2020-02-10

Updated: 2020-02-14

Summary

The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.

Vulnerable Configurations

Part	Description	Count
Application	Ti TI BLE Stack 1.5.0 TI Cc2640R2 Software Development KIT *	2
Hardware	Ti TI Cc2540/1 * TI Cc2640R2 *	2

References

http://www.ti.com/tool/BLE-STACK
https://asset-group.github.io/disclosures/sweyntooth/