#VU56324 Heap-based buffer overflow in Cypress Semiconductor Corporation products - CVE-2021-34143

Cybersecurity Help s.r.o.

Published: 2021-09-06

Vulnerability identifier: #VU56324

Vulnerability risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-34143

CWE-ID: CWE-122

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
AB32VG1
Hardware solutions / Firmware
CC256XCQFN-EM
Hardware solutions / Firmware
CYW920735Q60EVB
Hardware solutions / Firmware
AC6366C_DEMO_V1.0
Hardware solutions / Firmware

Vendor: Texas Instruments Incorporated
Cypress Semiconductor Corporation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the Bluetooth Classic implementation on several chipsets does not properly handle the reception of continuous unsolicited LMP responses. A remote attacker in radio range can pass specially crafted data to the application, trigger heap-based buffer overflow and cause a denial of service condition on the target system.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

AB32VG1: All versions

CC256XCQFN-EM: All versions

CYW920735Q60EVB: All versions

AC6366C_DEMO_V1.0: All versions

External links
https://asset-group.github.io/disclosures/braktooth/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cypress CYW920735Q60EVB

Multiple vulnerabilities in Texas Instruments CC256XCQFN-EM

Multiple vulnerabilities in Bluetrum Technology AB32VG1

Multiple vulnerabilities in Zhuhai Jieli Technology AC6366C_DEMO_V1.0