Vulnerabilities > CVE-2021-34146 - Unspecified vulnerability in Cypress Cyw20735B1 Firmware and Cyw920735Q60Evb-01 Firmware

CVSS 6.1 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

low complexity

cypress

NVD

Published: 2021-09-07

Updated: 2021-09-14

Summary

The Bluetooth Classic implementation in the Cypress CYW920735Q60EVB does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and restart (crash) of the device by flooding it with LMP_AU_Rand packets after the paging procedure.

Vulnerable Configurations

Part	Description	Count
OS	Cypress Cypress Cyw920735Q60Evb 01 Firmware - Cypress Cyw20735B1 Firmware -	2
Hardware	Cypress Cypress Cyw920735Q60Evb 01 - Cypress Cyw20735B1 -	2

References

https://www.cypress.com/documentation/datasheets/cyw20735b1-single-chip-bluetooth-transceiver-wireless-input-devices
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf