CVE-2021-31785

The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device via crafted LMP packets. Manual user intervention is required to restart the device and restore Bluetooth communication.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
actions-semiats2819p_firmware
-
actions-semiats2815_firmware
-
actions-semiats2819_firmware
-
actions-semiats2819s_firmware
-
actions-semiats2819t_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
https://launchstudio.bluetooth.com/ListingDetails/76427
https://www.actions-semi.com/index.php?id=3581&siteId=4
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
https://launchstudio.bluetooth.com/ListingDetails/76427
https://www.actions-semi.com/index.php?id=3581&siteId=4