CVE-2019-15948

moderate-risk
Published 2019-11-13

Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4.

Do I need to act?

~
4.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
ADJACENT_NETWORK / LOW complexity

Affected Products (3)

Cc256Xc-Bt-Sp Firmware
Cc256Xb-Bt-Sp Firmware
Wl18Xx-Bt-Sp Firmware

Affected Vendors

Ti

References (10)

Third Party Advisory https://e2e.ti.com/support/wireless-connectivity/bluetooth/f/538/t/856161
https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/ti_wl18xx_adv...
https://github.com/darkmentorllc/publications/tree/master/2020/TI_SILABS_BLE_RCE...
Not Applicable https://www.linkedin.com/in/veronica-kovah-2587185
https://www.youtube.com/watch?v=bk5lOxieqbA
Third Party Advisory https://e2e.ti.com/support/wireless-connectivity/bluetooth/f/538/t/856161
https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/ti_wl18xx_adv...
https://github.com/darkmentorllc/publications/tree/master/2020/TI_SILABS_BLE_RCE...
Not Applicable https://www.linkedin.com/in/veronica-kovah-2587185
https://www.youtube.com/watch?v=bk5lOxieqbA
43
/ 100
moderate-risk
Severity 27/34 · High
Exploitability 7/34 · Low
Exposure 9/34 · Low