Bluetooth Classic Implementation Vulnerability: Denial of Service via Crafted LMP Packets
CVE-2021-31785 · MEDIUM Severity
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device via crafted LMP packets. Manual user intervention is required to restart the device and restore Bluetooth communication.
Learn more about our User Device Pen Test.