CVE-2021-28136

Published
View on NVD ↗
CVSS v3
6.5
MEDIUM
CVSS v2
3.3
LOW
Affected
2
PROJECTS

Description

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.

espressif/esp-idf
espressif/esp-idf
Espressif IoT Development Framework. Official development framework for Espressif SoCs.
GitHubGitHub
18.2K
espressif/esp32-bt-lib
espressif/esp32-bt-lib
ESP32 Bluetooth stack (below HCI layer) precompiled libraries
GitHubGitHub
89