Vulnerabilities > CVE-2020-13595 - Reachable Assertion vulnerability in Espressif Esp-Idf 4.0.0/4.1/4.2

CVSS 3.3 - LOW

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

low complexity

espressif

CWE-617

NVD

Published: 2020-08-31

Updated: 2020-09-08

Summary

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can silently trigger the assertion (which disables the target's BLE stack) by sending a crafted sequence of BLE packets.

Vulnerable Configurations

Part	Description	Count
Application	Espressif Espressif ESP IDF 4.0.0 Espressif ESP IDF 4.1 Espressif ESP IDF 4.2	3
Hardware	Espressif Espressif Esp32 -	1

Common Weakness Enumeration (CWE)

CWE-617 - Reachable Assertion

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References