Vulnerability Details CVE-2022-30904
In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.3%
CVSS Severity
CVSS v3 Score 8.2
References
Products affected by CVE-2022-30904
-
cpe:2.3:a:bestechnic:bluetooth_mesh_software_development_kit:1.0
-
cpe:2.3:h:bestechnic:bes2300:-