Cc2640 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-19193	1 Ti	4 Ble-stack, Cc2540\/1, Cc2640r2 and 1 more	2024-11-21	6.5 Medium
The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.
CVE-2019-17520	1 Ti	2 Cc2640r2, Cc2640r2 Software Development Kit	2024-11-21	6.5 Medium
The Bluetooth Low Energy implementation on Texas Instruments SDK through 3.30.00.20 for CC2640R2 devices does not properly restrict the SM Public Key packet on reception, allowing attackers in radio range to cause a denial of service (crash) via crafted packets.
CVE-2018-16986	1 Ti	5 Ble-stack, Cc1350, Cc2640 and 2 more	2024-11-21	N/A
Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.

Page 1 of 1.