Vulnerability Details CVE-2020-15531
Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via packet data. This is an over-the-air remote code execution vulnerability in Bluetooth LE in EFR32 SoCs and associated modules running Bluetooth SDK, supporting Central or Observer roles.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.097
EPSS Ranking 92.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 5.8
References
- https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_extadv_rce.py
- https://github.com/darkmentorllc/publications/tree/master/2020/TI_SILABS_BLE_RCEs
- https://www.blackhat.com/us-20/briefings/schedule/#finding-new-bluetooth-low-energy-exploits-via-reverse-engineering-multiple-vendors-firmwares-19655
- https://www.youtube.com/watch?v=saoTr1NwdzM
- https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_extadv_rce.py
- https://github.com/darkmentorllc/publications/tree/master/2020/TI_SILABS_BLE_RCEs
- https://www.blackhat.com/us-20/briefings/schedule/#finding-new-bluetooth-low-energy-exploits-via-reverse-engineering-multiple-vendors-firmwares-19655
- https://www.youtube.com/watch?v=saoTr1NwdzM
Products affected by CVE-2020-15531
-
cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit:-
-
cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit:2.13.0.0
-
cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit:2.13.1.0
-
cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit:2.13.2.0