mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
914 B
914 B
CVE-2019-15948
Description
Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4.
POC
Reference
- https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/ti_wl18xx_adv_rce.py
- https://www.youtube.com/watch?v=bk5lOxieqbA