OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc.
9.8CVSS
9.6AI Score
0.002EPSS
TIβs BLE stack caches and reuses the LTKβs property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairing ...
6.8CVSS
6.5AI Score
0.001EPSS