Vulnerability: Event Deadlock and Crash in STMicroelectronics BLE Stack for STM32WB5x Devices

Vulnerability: Event Deadlock and Crash in STMicroelectronics BLE Stack for STM32WB5x Devices

CVE-2019-19192 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.

Learn more about our Web Application Penetration Testing UK.