Vulnerabilities > CVE-2020-13595 - Reachable Assertion vulnerability in Espressif Esp-Idf 4.0.0/4.1/4.2

047910
CVSS 3.3 - LOW
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
low complexity
espressif
CWE-617

Summary

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can silently trigger the assertion (which disables the target's BLE stack) by sending a crafted sequence of BLE packets.

Vulnerable Configurations

Part Description Count
Application
Espressif
3
Hardware
Espressif
1

Common Weakness Enumeration (CWE)