CVE-2019-19192

The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
stwb55
𝑥
≤ 1.3.1
stbluenrg-2
𝑥
≤ 1.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://asset-group.github.io/disclosures/sweyntooth/
https://asset-group.github.io/disclosures/sweyntooth/