Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ats2815_firmware
(Actions\-Semi)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-09-07 | CVE-2021-31785 | The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device via crafted LMP packets. Manual user intervention is required to restart the device and restore Bluetooth communication. | Ats2815_firmware, Ats2819_firmware, Ats2819p_firmware, Ats2819s_firmware, Ats2819t_firmware | 6.5 | ||
| 2021-09-07 | CVE-2021-31786 | The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, allowing attackers to trigger a disconnection and deadlock of the device by connecting with a forged BDAddress that matches the original connected host. | Ats2815_firmware, Ats2819_firmware, Ats2819p_firmware, Ats2819s_firmware, Ats2819t_firmware | 6.5 | ||
| 2021-11-30 | CVE-2021-31787 | The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown of a device by flooding the target device with LMP_features_res packets. | Ats2815_firmware, Ats2819_firmware, Ats2819p_firmware, Ats2819s_firmware, Ats2819t_firmware | 6.5 |