6.5

CVE-2021-34150

EPSS 0.13%
Veröffentlicht 07.09.2021 06:15:08
Zuletzt bearbeitet 21.11.2024 06:09:57
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bluetrum ≫ Ab5301a Firmware Version-

Bluetrum ≫ Ab5301a Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.337

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:N/A:P

https://dl.packetstormsecurity.net/papers/general/braktooth.pdf

Third Party Advisory

Technical Description

http://www.bluetrum.com/product/ab5301a.html

Vendor Advisory

Product

https://nvd.nist.gov/vuln/detail/CVE-2021-34150

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-34150

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-34150

EUVD