CVE-2024-6657

Nov. 4, 2024, 3:15 p.m.

6.5
Medium

Description

A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to recover the peripheral device.

Product(s) Impacted

Product Versions
Silicon Labs Bluetooth SDK
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-821
Incorrect Synchronization
The product utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource.

References

https://community.silabs.com/068Vm00000FfVNN

Tags

product-security@silabs.com
CWE-821
2024-10-11
CVE-2024-6657

CVSS Score

6.5 / 10

CVSS Data - 3.1

  • Attack Vector: ADJACENT_NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

    • CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    View Vector String

Timeline

Published: Oct. 11, 2024, 2:15 p.m.
Last Modified: Nov. 4, 2024, 3:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@silabs.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.