6.5

CVE-2021-34150

EPSS 0.13%
Published 07.09.2021 06:15:08
Last modified 21.11.2024 06:09:57
Source cve@mitre.org
Teams watchlist Login
Open Login

The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Bluetrum ≫ Ab5301a Firmware Version-

Bluetrum ≫ Ab5301a Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.13%	0.337

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:N/A:P

https://dl.packetstormsecurity.net/papers/general/braktooth.pdf

Third Party Advisory

Technical Description

http://www.bluetrum.com/product/ab5301a.html

Vendor Advisory

Product

https://nvd.nist.gov/vuln/detail/CVE-2021-34150

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-34150

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-34150

EUVD