CVE-2021-31786
BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, allowing attackers to trigger a disconnection and deadlock of the device by connecting with a forged BDAddress that matches the original connected host.
Una implementación de Bluetooth Classic Audio en los dispositivos Actions ATS2815 y ATS2819, no maneja apropiadamente un intento de conexión desde un host con la misma dirección BDAddress que el host BT conectado en ese momento, permitiendo a atacantes desencadenar una desconexión y un bloqueo del dispositivo al conectarse con una dirección BDAddress falsificada que coincide con el host conectado original
This whitepaper discusses BRAKTOOTH, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-04-23 CVE Reserved
- 2021-09-03 CVE Published
- 2024-08-03 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-667: Improper Locking
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://dl.packetstormsecurity.net/papers/general/braktooth.pdf | Technical Description | |
| https://launchstudio.bluetooth.com/ListingDetails/76427 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.actions-semi.com/index.php?id=3581&siteId=4 | 2022-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Actions-semi Search vendor "Actions-semi" | Ats2819p Firmware Search vendor "Actions-semi" for product "Ats2819p Firmware" | - | - |
Affected
| in | Actions-semi Search vendor "Actions-semi" | Ats2819p Search vendor "Actions-semi" for product "Ats2819p" | - | - |
Safe
|
| Actions-semi Search vendor "Actions-semi" | Ats2815 Firmware Search vendor "Actions-semi" for product "Ats2815 Firmware" | - | - |
Affected
| in | Actions-semi Search vendor "Actions-semi" | Ats2815 Search vendor "Actions-semi" for product "Ats2815" | - | - |
Safe
|
| Actions-semi Search vendor "Actions-semi" | Ats2819 Firmware Search vendor "Actions-semi" for product "Ats2819 Firmware" | - | - |
Affected
| in | Actions-semi Search vendor "Actions-semi" | Ats2819 Search vendor "Actions-semi" for product "Ats2819" | - | - |
Safe
|
| Actions-semi Search vendor "Actions-semi" | Ats2819s Firmware Search vendor "Actions-semi" for product "Ats2819s Firmware" | - | - |
Affected
| in | Actions-semi Search vendor "Actions-semi" | Ats2819s Search vendor "Actions-semi" for product "Ats2819s" | - | - |
Safe
|
| Actions-semi Search vendor "Actions-semi" | Ats2819t Firmware Search vendor "Actions-semi" for product "Ats2819t Firmware" | - | - |
Affected
| in | Actions-semi Search vendor "Actions-semi" | Ats2819t Search vendor "Actions-semi" for product "Ats2819t" | - | - |
Safe
|