CVE-2020-15531

HIGH

Silicon Labs Bluetooth Low Energy SDK < 2.13.3.0 - Remote Code Execution via Packet Data Buffer Overflow

Title source: llm
STIX 2.1

Description

Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via packet data. This is an over-the-air remote code execution vulnerability in Bluetooth LE in EFR32 SoCs and associated modules running Bluetooth SDK, supporting Central or Observer roles.

Scores

CVSS v3 8.8
EPSS 0.0316
EPSS Percentile 86.4%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (1)
silabs/bluetooth_low_energy_software_development_kit < 2.13.3.0
Published Aug 20, 2020
Tracked Since Feb 18, 2026