CVE-2021-31786

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, allowing attackers to trigger a disconnection and deadlock of the device by connecting with a forged BDAddress that matches the original connected host.

Una implementación de Bluetooth Classic Audio en los dispositivos Actions ATS2815 y ATS2819, no maneja apropiadamente un intento de conexión desde un host con la misma dirección BDAddress que el host BT conectado en ese momento, permitiendo a atacantes desencadenar una desconexión y un bloqueo del dispositivo al conectarse con una dirección BDAddress falsificada que coincide con el host conectado original

*Credits: N/A

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Adjacent

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-04-23 CVE Reserved
2021-09-03 CVE Published
2024-05-23 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-667: Improper Locking

CAPEC

References (3)

URL	Tag	Source
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf	Technical Description
https://launchstudio.bluetooth.com/ListingDetails/76427	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.actions-semi.com/index.php?id=3581&siteId=4	2022-07-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Actions-semi Search vendor "Actions-semi"	Ats2819p Firmware Search vendor "Actions-semi" for product "Ats2819p Firmware"	-	-	Affected	in	Actions-semi Search vendor "Actions-semi"	Ats2819p Search vendor "Actions-semi" for product "Ats2819p"	-	-	Safe
Actions-semi Search vendor "Actions-semi"	Ats2815 Firmware Search vendor "Actions-semi" for product "Ats2815 Firmware"	-	-	Affected	in	Actions-semi Search vendor "Actions-semi"	Ats2815 Search vendor "Actions-semi" for product "Ats2815"	-	-	Safe
Actions-semi Search vendor "Actions-semi"	Ats2819 Firmware Search vendor "Actions-semi" for product "Ats2819 Firmware"	-	-	Affected	in	Actions-semi Search vendor "Actions-semi"	Ats2819 Search vendor "Actions-semi" for product "Ats2819"	-	-	Safe
Actions-semi Search vendor "Actions-semi"	Ats2819s Firmware Search vendor "Actions-semi" for product "Ats2819s Firmware"	-	-	Affected	in	Actions-semi Search vendor "Actions-semi"	Ats2819s Search vendor "Actions-semi" for product "Ats2819s"	-	-	Safe
Actions-semi Search vendor "Actions-semi"	Ats2819t Firmware Search vendor "Actions-semi" for product "Ats2819t Firmware"	-	-	Affected	in	Actions-semi Search vendor "Actions-semi"	Ats2819t Search vendor "Actions-semi" for product "Ats2819t"	-	-	Safe