Description

The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.

Related CPE's

o

bluetrum

ab5301a_firmware

-

Vulnerable

h

bluetrum

ab5301a

-

References

http://www.bluetrum.com/product/ab5301a.html

ProductVendor Advisory

https://dl.packetstormsecurity.net/papers/general/braktooth.pdf

Technical DescriptionThird Party Advisory

http://www.bluetrum.com/product/ab5301a.html

ProductVendor Advisory

https://dl.packetstormsecurity.net/papers/general/braktooth.pdf

Technical DescriptionThird Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.5 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-09-07T04:15:08.013Z

4 years ago

Last modified

2024-11-21T05:09:57.763Z

1 year ago