← voltar
CVE-2021-28135

CVE-2021-28135

EPSS 0.8%
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (crash) in ESP32 by flooding the target device with LMP Feature Response data.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://dl.packetstormsecurity.net/papers/general/braktooth.pdfhttps://github.com/espressif/esp32-bt-libhttps://github.com/espressif/esp-idfhttps://www.espressif.com/en/products/socs/esp32