Cross site request forgery (csrf)

The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers i...

Buffer overflow

The Bluetooth Low Energy BLE stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to zero. This allows attackers within radio range to cause...

CVE-2019-19193

CVE-2019-19193 affects TI Bluetooth Low Energy peripheral in SIMPLELINK-CC2640R2-SDK (up to 3.30.00.20) and BLE-STACK (up to 1.5.0) for CC2640R2 and CC2540/1. The issue is that the advertisement connection request packet is not properly restricted on reception, allowing attackers in radio range t...

CVE-2019-17061

The CVE-2019-17061 entry concerns the Bluetooth Low Energy (BLE) stack in Cypress PSoC 4 devices (up to version 3.62). The issue is that the BLE Link Layer header is not properly restricted when processing a packet with LLID = 0, allowing an attacker in radio range to trigger a deadlock, anomalou...

CVE-2018-16986

Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow...

CVE-2018-16986

CVE-2018-16986 (TI BLE-STACK 2.2.1) affects Texas Instruments BLE-STACK used in SimpleLink CC2640/CC2650. A malformed BLE packet can trigger a buffer overflow, enabling remote arbitrary code execution. Connected docs also describe a related BLE chip vulnerability (CVE-2018-7080) in TI chips (CC26...

Buffer overflow

Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow...

CVE-2018-16986

Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow...

Texas Instruments CC2640 and CC2650 microcontrollers vulnerable to heap overflow and insecure update

Overview Texas Instruments CC2640 and CC2650 microcontrollers are vulnerable to a heap overflow and may allow unauthenticated firmware installation. Description CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer CVE-2018-16986 - also known as BLEEDINGBIT The following...