CVE-2019-19192

MEDIUM

STMicroelectronics BLE Stack <1.3.1 - DoS

Title source: llm
STIX 2.1

Description

The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://asset-group.github.io/disclosures/sweyntooth/

Scores

CVSS v3 6.5
EPSS 0.0104
EPSS Percentile 59.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (2)
st/bluenrg-2 < 1.3.1
st/wb55 < 1.3.1
Published Feb 12, 2020
Tracked Since Feb 18, 2026