CVE-2021-31610 - OpenCVE

The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:A/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bluetrum	Ab5376t Ab5376t Firmware Bt8896a Bt8896a Firmware
Mi	Mi True Wireless Earbuds Basic 2 Mi True Wireless Earbuds Basic 2 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:mi:mi_true_wireless_earbuds_basic_2:-:*:*:*:*:*:*:*

cpe:2.3:o:mi:mi_true_wireless_earbuds_basic_2_firmware:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:bluetrum:ab5376t:-:*:*:*:*:*:*:*

cpe:2.3:o:bluetrum:ab5376t_firmware:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:bluetrum:bt8896a:-:*:*:*:*:*:*:*

cpe:2.3:o:bluetrum:bt8896a_firmware:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.bluetrum.com/product/ab5376t.html
http://www.bluetrum.com/product/bt8896a.html
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
https://www.mi.com/global/mi-true-wireless-earbuds-basic-2/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-09-07T06:14:08

Updated: 2024-08-03T23:03:33.652Z

Reserved: 2021-04-23T00:00:00

Link: CVE-2021-31610

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-09-07T07:15:06.990

Modified: 2021-09-13T17:44:19.250

Link: CVE-2021-31610

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-09-07T06:14:08", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.bluetrum.com/product/bt8896a.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.bluetrum.com/product/ab5376t.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mi.com/global/mi-true-wireless-earbuds-basic-2/"}, {"tags": ["x_refsource_MISC"], "url": "https://dl.packetstormsecurity.net/papers/general/braktooth.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-31610", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.bluetrum.com/product/bt8896a.html", "refsource": "MISC", "url": "http://www.bluetrum.com/product/bt8896a.html"}, {"name": "http://www.bluetrum.com/product/ab5376t.html", "refsource": "MISC", "url": "http://www.bluetrum.com/product/ab5376t.html"}, {"name": "https://www.mi.com/global/mi-true-wireless-earbuds-basic-2/", "refsource": "MISC", "url": "https://www.mi.com/global/mi-true-wireless-earbuds-basic-2/"}, {"name": "https://dl.packetstormsecurity.net/papers/general/braktooth.pdf", "refsource": "MISC", "url": "https://dl.packetstormsecurity.net/papers/general/braktooth.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:03:33.652Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.bluetrum.com/product/bt8896a.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.bluetrum.com/product/ab5376t.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mi.com/global/mi-true-wireless-earbuds-basic-2/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://dl.packetstormsecurity.net/papers/general/braktooth.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-31610", "datePublished": "2021-09-07T06:14:08", "dateReserved": "2021-04-23T00:00:00", "dateUpdated": "2024-08-03T23:03:33.652Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mi:mi_true_wireless_earbuds_basic_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "CEA8DDB5-A27E-439D-ACD9-36E547E7B4A2", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mi:mi_true_wireless_earbuds_basic_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2272E572-C4D7-4BA0-9A77-14B9D071121D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:bluetrum:ab5376t:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C3017AC-5C3D-497A-919F-7FC0131046F0", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:bluetrum:ab5376t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9246326-6F6B-4178-BE55-9EDB59A2BB06", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:bluetrum:bt8896a:-:*:*:*:*:*:*:*", "matchCriteriaId": "45F9BE6A-33E3-4006-A897-961C6B6002BF", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:bluetrum:bt8896a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "43C77BBB-E11D-4A12-AFFC-7480C0A40C43", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data."}, {"lang": "es", "value": "La implementaci\u00f3n de Bluetooth Classic en los dispositivos AB32VG1, no maneja apropiadamente la recepci\u00f3n de respuestas LMP continuas no solicitadas, que permite a atacantes en el rango de radio desencadenar una denegaci\u00f3n de servicio (reiniciar o bloquear el dispositivo) inundando un dispositivo con datos LMP_AU_rand"}], "id": "CVE-2021-31610", "lastModified": "2021-09-13T17:44:19.250", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-07T07:15:06.990", "references": [{"source": "cve@mitre.org", "tags": ["Product", "Vendor Advisory"], "url": "http://www.bluetrum.com/product/ab5376t.html"}, {"source": "cve@mitre.org", "tags": ["Product", "Vendor Advisory"], "url": "http://www.bluetrum.com/product/bt8896a.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://dl.packetstormsecurity.net/papers/general/braktooth.pdf"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://www.mi.com/global/mi-true-wireless-earbuds-basic-2/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}