← back
CVE-2020-13594

CVE-2020-13594

EPSS 0.8%
The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://asset-group.github.io/cves.htmlhttps://asset-group.github.io/disclosures/sweyntooth/https://github.com/espressif/esp32-bt-lib