Vulnerabilities > CVE-2021-34143 - Unspecified vulnerability in Zh-Jieli Fw-Ac63 BT SDK 1.0.0

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

zh-jieli

NVD

Published: 2021-09-07

Updated: 2021-09-14

Summary

The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C_DEMO_V1.0 does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets after paging procedure. User intervention is required to restart the device.

Vulnerable Configurations

Part	Description	Count
OS	Zh-Jieli ZH Jieli FW Ac63 BT SDK 1.0.0	1
Hardware	Zh-Jieli ZH Jieli Ac6936 - ZH Jieli Ac6951 - ZH Jieli Ac6952 - ZH Jieli Ac6954 - ZH Jieli Ac6955 - ZH Jieli Ac6956 - ZH Jieli Ac6963 - ZH Jieli Ac6965 - ZH Jieli Ac6966 - ZH Jieli Ac6969 - ZH Jieli Ac6973 - ZH Jieli Ac6976 - ZH Jieli Ac6983 - ZH Jieli Ac6986 -	14

Summary

Vulnerable Configurations

References