Executive Summary

Summary
TitleTexas Instruments Bluetooth Low Energy Denial of Service and Remote Code Execution Vulnerability
Informations
Namecisco-sa-20181101-apFirst vendor Publication2018-11-01
VendorCiscoLast vendor Modification2018-11-01
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreN/AAttack RangeN/A
Cvss Impact ScoreN/AAttack ComplexityN/A
Cvss Expoit ScoreN/AAuthenticationN/A
Calculate full CVSS 2.0 Vectors scores

Detail

On November 1st, 2018, Armis announced the presence of a Remote Code Execution (RCE) or Denial of Service (DoS) vulnerability in the Bluetooth Low Energy (BLE) Stack on Texas Instruments (TI) chips CC2640 and CC2650. This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID of CVE-2018-16986.

The vulnerability is due to a memory corruption condition that may occur when processing malformed BLE frames. An attacker in close proximity to an affected device that is actively scanning could exploit the issue by broadcasting malformed BLE frames. A successful exploit may result in the attacker gaining the ability to execute arbitrary code or cause a denial of service condition on an affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJb2xllXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczIREP/2/Xt0jz+ViZtPkmmadXQGYDpFXu 5e4UY80bw6JyrVzC0TkovHyEMbMPtNTItknVHnWQ02kNcPATJdXqxUFRaIWGYox +IHkJBuTB9XQds6Yh4zRcGW+nbRRfDDp1SCdiroh8pWLMPXMw8Y+1/TkTvy9JVuTz sPnoxnc1rwub8CToTipb4gUcHON96bp+PG+gjSTfp4D1+SwBcg3hNiIhqfxMWN2K SnF0Euj1S/aSCfYUR/63Jvsw55n/ApkhHKtMOOJtqgzogfyZqDRJPKGGULZj7Swj fusVT+XATM6PBcMlh+6g8I2NgU/jHj+an1cjB7Ur5/Wfb4BgMx2o57t3pD1Fb9k0 sNDLUZi/jFG5fy97x6fzj+gWBqfQBSriwIgmL2uVhhEaQAjSKD/bK1KHhfdHVGq3 3zD1IKClAZngxAwjqOz0Hc9yT6syLbe0LGtE1GCDnKm2Zw5aeH83UQTxJ32s21sH VWKWqYNWbbVYKIFQaL7uKl09oc4+UtshuKmYv5s+p2Lq6TLjdW+4xNWzCBzhsV8x xQehajUZ8tDMcGSO6DDuAO5QVZqbCPwYHq8TPsd7pi7OIBfASsbKpmHHF50Z0KhB wT+3AdItPEocRKedCdwaGWrnS5Vi5oL7YXzM+6QB1VrQN235JMNXwuc11DikHbcL 6rDiKqh+8IeTMIeQ =KJ2L END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2018-11-06 21:22:01
  • Multiple Updates
2018-11-01 17:18:18
  • First insertion