← volver
CVE-2021-28135

CVE-2021-28135

EPSS 0.8%
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (crash) in ESP32 by flooding the target device with LMP Feature Response data.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://dl.packetstormsecurity.net/papers/general/braktooth.pdfhttps://github.com/espressif/esp32-bt-libhttps://github.com/espressif/esp-idfhttps://www.espressif.com/en/products/socs/esp32