Vulnerability Description
The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dialog-Semiconductor | Software Development Kit | <= 5.0.4 |
| Dialog-Semiconductor | Da14580 | - |
| Dialog-Semiconductor | Da14581 | - |
| Dialog-Semiconductor | Da14582 | - |
| Dialog-Semiconductor | Da14583 | - |
Related Weaknesses (CWE)
References
- https://asset-group.github.io/disclosures/sweyntooth/Third Party Advisory
- https://www.dialog-semiconductor.com/products/connectivity/bluetooth-low-energy/Third Party Advisory
- https://asset-group.github.io/disclosures/sweyntooth/Third Party Advisory
- https://www.dialog-semiconductor.com/products/connectivity/bluetooth-low-energy/Third Party Advisory
FAQ
What is CVE-2019-17517?
CVE-2019-17517 is a vulnerability with a CVSS score of 5.7 (MEDIUM). The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to ca...
How severe is CVE-2019-17517?
CVE-2019-17517 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-17517?
Check the references section above for vendor advisories and patch information. Affected products include: Dialog-Semiconductor Software Development Kit, Dialog-Semiconductor Da14580, Dialog-Semiconductor Da14581, Dialog-Semiconductor Da14582, Dialog-Semiconductor Da14583.