Buffer Overflow Vulnerability in Bestechnic Bluetooth Mesh SDK (BES2300) V1.0 during Provisioning
CVE-2022-30904 · HIGH Severity
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU.
Learn more about our Web Application Penetration Testing UK.