Vulnerability Details CVE-2019-19193
The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.1
References
Products affected by CVE-2019-19193
-
cpe:2.3:a:ti:ble-stack:1.5.0
-
cpe:2.3:a:ti:cc2640r2_software_development_kit:*
-
cpe:2.3:h:ti:cc2540/1:*
-
cpe:2.3:h:ti:cc2640r2:-