CVE-2020-13593 - The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLin

CVE-2020-13593

Summary

The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLink SIMPLELINK-CC2640R2-SDK through 2.2.3 allows the Diffie-Hellman check during the Secure Connection pairing to be skipped if the Link Layer encryption setup is performed earlier. An attacker in radio range can achieve arbitrary read/write access to protected GATT service data, cause a denial of service, or possibly control a device's function by establishing an encrypted session with an unauthenticated Long Term Key (LTK).

References

Vulnerable Configurations

cpe:2.3:a:ti:simplelink-cc2640r2_software_development_kit:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ti:simplelink-cc2640r2_software_development_kit:2.2.3:*:*:*:*:*:*:*

CVSS

Base:	5.8 (as of 21-07-2021 - 11:39)
Impact:
Exploitability:

CWE

CWE-863

CAPEC

Access

Vector	Complexity	Authentication
ADJACENT_NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:A/AC:L/Au:N/C:P/I:P/A:P

refmap via4

misc

Last major update

21-07-2021 - 11:39

Published

31-08-2020 - 15:15

Last modified

21-07-2021 - 11:39