SWRA805 November 2019 CC2564C

 


Vulnerability

TI PSIRT ID

TI-PSIRT-2019-050023

CVE ID

CVE-2019-15948

CVSS Score

7.6

Affected Products

  • CC256XC-BT-SP (v1.2 or earlier)
  • CC256XB-BT-SP (v1.8 or earlier)
  • WL18XX-BT-SP (v4.4 or earlier)
Note: The TI CC26xx, CC13xx and CC254x Bluetooth Low Energy wireless MCUs are not affected by this vulnerability.

Potentially Impacted Features

This potential vulnerability is only exploitable if one of the affected devices mentioned above is configured to use the Bluetooth Low Energy feature and the LE scan (observer) is enabled in Bluetooth Low Energy. If Bluetooth Low Energy is disabled, or is configured in the broadcaster/advertiser role or in the peripheral role with no scan enabled, the exploit is not possible.
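One way to check the condition above on a deployed product, as an added example that is not TI code: the Python below walks a raw capture of host-to-controller HCI traffic and reports whether the host ever enabled the LE scanner on an affected service pack. It assumes the host drives the controller over HCI UART (H4) framing and that such a capture is available; the function names and sample bytes are constructed for illustration, and the opcode is the standard HCI_LE_Set_Scan_Enable command.

```python
import struct

# Affected service packs from the advisory: listed version or earlier.
AFFECTED_MAX = {
    "CC256XC-BT-SP": (1, 2),
    "CC256XB-BT-SP": (1, 8),
    "WL18XX-BT-SP": (4, 4),
}
HCI_LE_SET_SCAN_ENABLE = 0x200C  # OGF 0x08 (LE Controller), OCF 0x000C
# H4 host-to-controller packet types: header layout after the type byte.
H4_HEADERS = {0x01: "<HB", 0x02: "<HH", 0x03: "<HB"}  # command, ACL, SCO


def iter_h4_host_packets(stream: bytes):
    """Yield (packet_type, first_header_field, payload) for each H4 packet."""
    pos = 0
    while pos < len(stream):
        ptype = stream[pos]
        if ptype not in H4_HEADERS:
            raise ValueError(f"unexpected H4 packet type 0x{ptype:02x} at offset {pos}")
        fmt = H4_HEADERS[ptype]
        field, plen = struct.unpack_from(fmt, stream, pos + 1)
        start = pos + 1 + struct.calcsize(fmt)
        payload = stream[start:start + plen]
        if len(payload) != plen:
            raise ValueError(f"truncated packet at offset {pos}")
        yield ptype, field, payload
        pos = start + plen


def le_scan_ever_enabled(stream: bytes) -> bool:
    """True if any HCI_LE_Set_Scan_Enable command carries LE_Scan_Enable = 0x01."""
    return any(
        ptype == 0x01 and opcode == HCI_LE_SET_SCAN_ENABLE and params[:1] == b"\x01"
        for ptype, opcode, params in iter_h4_host_packets(stream)
    )


def is_exposed(service_pack: str, version: tuple, stream: bytes) -> bool:
    """Affected service pack AND the host turned the LE scanner on."""
    limit = AFFECTED_MAX.get(service_pack)
    return limit is not None and version <= limit and le_scan_ever_enabled(stream)


# Constructed sample captures (not taken from a real device).
RESET = bytes.fromhex("01030c00")
SCANNING = RESET + bytes.fromhex("010b200700100010000000" "010c20020100")
ADVERTISING = RESET + bytes.fromhex("010a200101")
```

A capture only shows what the host did while it was being recorded, so a negative result needs a trace that covers every operating mode of the product.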

Suggested Mitigations

The following service-pack releases address the vulnerability described in CVE-2019-15948.

Note: For information on CC256XB, or other TI dual-mode Bluetooth devices that are not listed above, please contact ti_bt_errata@list.ti.com.

Acknowledgments

TI would like to thank Veronica Kovah, from Dark Mentor LLC, for reporting this vulnerability to TI PSIRT and working toward a coordinated disclosure.