CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2683 – Connection update while closing connection may lead to denial-of-service
https://notcve.org/view.php?id=CVE-2023-2683
A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate connection attempts to fail. A reset of the device immediately clears the error. • https://github.com/SiliconLabs https://https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000U2U1QQAV?operationContext=S1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 2CVE-2020-15531
https://notcve.org/view.php?id=CVE-2020-15531
Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via packet data. This is an over-the-air remote code execution vulnerability in Bluetooth LE in EFR32 SoCs and associated modules running Bluetooth SDK, supporting Central or Observer roles. Silicon Labs Bluetooth Low Energy SDK versiones anteriores a 2.13.3, presenta un desbordamiento de búfer por medio de paquetes de datos. Esta es una vulnerabilidad de ejecución de código remota por aire en Bluetooth LE en los SoC EFR32 y módulos asociados que ejecutan Bluetooth SDK, que admiten funciones de Central u Observer. • https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_extadv_rce.py https://github.com/darkmentorllc/publications/tree/master/2020/TI_SILABS_BLE_RCEs https://www.blackhat.com/us-20/briefings/schedule/#finding-new-bluetooth-low-energy-exploits-via-reverse-engineering-multiple-vendors-firmwares-19655 https://www.youtube.com/watch?v=saoTr1NwdzM • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-15532
https://notcve.org/view.php?id=CVE-2020-15532
Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via packet data. This is an over-the-air denial of service vulnerability in Bluetooth LE in EFR32 SoCs and associated modules running Bluetooth SDK, supporting Central or Observer roles. Silicon Labs Bluetooth Low Energy SDK versiones anteriores a 2.13.3, presenta un desbordamiento de búfer por medio de paquetes de datos. Se trata de una vulnerabilidad de denegación de servicio por aire en Bluetooth LE en los SoC EFR32 y módulos asociados que ejecutan Bluetooth SDK, admitiendo los roles Central u Observer. • https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_extadv_dos.py https://github.com/darkmentorllc/publications/tree/master/2020/TI_SILABS_BLE_RCEs https://www.blackhat.com/us-20/briefings/schedule/#finding-new-bluetooth-low-energy-exploits-via-reverse-engineering-multiple-vendors-firmwares-19655 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •