Bluetooth Low Energy Vulnerability in Espressif ESP-IDF for ESP32 Devices
CVE-2020-13595

6.5 MEDIUM

Key Information:

Vendor

Espressif

Status
Vendor
CVE Published:
31 August 2020

What is CVE-2020-13595?

The Bluetooth Low Energy (BLE) controller in Espressif ESP-IDF versions 4.0 to 4.2 for ESP32 devices incorrectly handles the count of completed BLE packets. When a packet with a message integrity check (MIC) failure is received, this leads to a reachable assertion on the host stack. An attacker within radio range can exploit the flaw by sending a specially crafted series of BLE packets; the triggered assertion disables the BLE functionality of the target device, leaving it unresponsive to further BLE communications.

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
