Lucene search

[email protected]NVD:CVE-2021-31787

HistoryNov 30, 2021 - 8:15 p.m.

CVE-2021-31787

2021-11-3020:15:07

CWE-770

[email protected]

web.nvd.nist.gov

cve-2021-31787

denial of service

bluetooth classic

ats2815 chipsets

lmp responses

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

41.9%

JSON

The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown of a device by flooding the target device with LMP_features_res packets.

Affected configurations

Nvd

Node

actions-semiats2819pMatch-

AND

actions-semiats2819p_firmwareMatch-

Node

actions-semiats2815Match-

AND

actions-semiats2815_firmwareMatch-

Node

actions-semiats2819Match-

AND

actions-semiats2819_firmwareMatch-

Node

actions-semiats2819sMatch-

AND

actions-semiats2819s_firmwareMatch-

Node

actions-semiats2819tMatch-

AND

actions-semiats2819t_firmwareMatch-

VendorProductVersionCPE
actions-semiats2819p-cpe:2.3:h:actions-semi:ats2819p:-:*:*:*:*:*:*:*
actions-semiats2819p_firmware-cpe:2.3:o:actions-semi:ats2819p_firmware:-:*:*:*:*:*:*:*
actions-semiats2815-cpe:2.3:h:actions-semi:ats2815:-:*:*:*:*:*:*:*
actions-semiats2815_firmware-cpe:2.3:o:actions-semi:ats2815_firmware:-:*:*:*:*:*:*:*
actions-semiats2819-cpe:2.3:h:actions-semi:ats2819:-:*:*:*:*:*:*:*
actions-semiats2819_firmware-cpe:2.3:o:actions-semi:ats2819_firmware:-:*:*:*:*:*:*:*
actions-semiats2819s-cpe:2.3:h:actions-semi:ats2819s:-:*:*:*:*:*:*:*
actions-semiats2819s_firmware-cpe:2.3:o:actions-semi:ats2819s_firmware:-:*:*:*:*:*:*:*
actions-semiats2819t-cpe:2.3:h:actions-semi:ats2819t:-:*:*:*:*:*:*:*
actions-semiats2819t_firmware-cpe:2.3:o:actions-semi:ats2819t_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
actions-semi	ats2819p	-	cpe:2.3:h:actions-semi:ats2819p:-:::::::*
actions-semi	ats2819p_firmware	-	cpe:2.3:o:actions-semi:ats2819p_firmware:-:::::::*
actions-semi	ats2815	-	cpe:2.3:h:actions-semi:ats2815:-:::::::*
actions-semi	ats2815_firmware	-	cpe:2.3:o:actions-semi:ats2815_firmware:-:::::::*
actions-semi	ats2819	-	cpe:2.3:h:actions-semi:ats2819:-:::::::*
actions-semi	ats2819_firmware	-	cpe:2.3:o:actions-semi:ats2819_firmware:-:::::::*
actions-semi	ats2819s	-	cpe:2.3:h:actions-semi:ats2819s:-:::::::*
actions-semi	ats2819s_firmware	-	cpe:2.3:o:actions-semi:ats2819s_firmware:-:::::::*
actions-semi	ats2819t	-	cpe:2.3:h:actions-semi:ats2819t:-:::::::*
actions-semi	ats2819t_firmware	-	cpe:2.3:o:actions-semi:ats2819t_firmware:-:::::::*

References

dl.packetstormsecurity.net/papers/general/braktooth.pdf

launchstudio.bluetooth.com/ListingDetails/76427

www.actions-semi.com/index.php?id=3581&siteId=4

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

41.9%

JSON

Related for NVD:CVE-2021-31787

prion1 cvelist1 cve1