Vulnerabilities > CVE-2021-31613 - Unspecified vulnerability in Zh-Jieli products

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

zh-jieli

NVD

Published: 2021-09-07

Updated: 2021-09-09

Summary

The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash (and restart) a device via a crafted LMP packet.

Vulnerable Configurations

Part	Description	Count
OS	Zh-Jieli ZH Jieli Ac6901 Firmware - ZH Jieli Ac6925 Firmware - ZH Jieli Ac6926 Firmware - ZH Jieli Ac6928 Firmware - ZH Jieli Ac6921 Firmware -	5
Hardware	Zh-Jieli ZH Jieli Ac6901 - ZH Jieli Ac6925 - ZH Jieli Ac6926 - ZH Jieli Ac6928 - ZH Jieli Ac6921 -	5

References

https://launchstudio.bluetooth.com/ListingDetails/58628
https://launchstudio.bluetooth.com/ListingDetails/19746
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
http://www.zh-jieli.com/product/68-cn.html