Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing attackers to exhaust device BT resources and eventually trigger a crash via multiple attempts of sending a crafted LMP timing accuracy response followed by a sudden reconnection with a random BDAddress.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cypress WICED BT 输入验证错误漏洞
Vulnerability Description
Cypress WICED BT是cypress的一个全功能的平台。 Cypress WICED BT 存在输入验证错误漏洞,该漏洞源于Cypress WICED BT 堆栈中的 Bluetooth Classic 实现通过 2.9.0 用于 CYW20735B1 无法正确处理接收格式错误的 LMP 定时准确度响应,然后多次重新连接到链路从设备,从而使攻击者可以耗尽设备 BT 资源并最终触发崩溃通过多次尝试发送精心制作的 LMP 计时准确度响应,然后突然与随机 BDAddress 重新连接。
CVSS Information
N/A
Vulnerability Type
N/A