Vulnerability Details: CVE-2021-31612
The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet.
Products affected by CVE-2021-31612
- cpe:2.3:o:zh-jieli:ac6901_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac690n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac692n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6902_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6903_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6905_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6904_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6907_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6908_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6997_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6998_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:zh-jieli:ac6999_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-31612
- EPSS score: 0.09% (probability of exploitation activity in the next 30 days)
- Percentile: ~38% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2021-31612
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.1 | MEDIUM | AV:A/AC:L/Au:N/C:N/I:N/A:C | 6.5 | 6.9 | NIST | |
6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 | NIST | |
References for CVE-2021-31612
- http://www.zh-jieli.com/product/68-cn.html
  Jieli Bluetooth series chips AC690N/AC692N - Zhuhai Jieli Technology Co., Ltd. (Product; Vendor Advisory)
- https://launchstudio.bluetooth.com/ListingDetails/19746
  Launch Studio - Listing Details (Third Party Advisory)
- https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
  (Broken Link)