Stay informed with our latest blog post as we delve into the intricacies of SweynTooth – a series of vulnerabilities affecting Bluetooth Low Energy (BLE) software.
Our experts discuss everything from its discovery to mitigation strategies, ensuring our readers have a comprehensive understanding of this cybersecurity threat.
We understand the complexities of SweynTooth and are excited to share our knowledge, providing you with the best protection for your devices and networks against this unique vulnerability.
SweynTooth is an alarming name being heard in the tech news lately. This is due to the critical vulnerabilities found on Bluetooth Stacks from some leading manufacturers.
This vulnerability could potentially put millions of internet-enabled devices around the world at risk.
Table of Contents
SweynTooth can be used to carry out Denial of Service (DoS) attacks or other malicious activities. Learn more about how to protect yourself and your devices from this threat.
SweynTooth Capabilities
Crash Devices –
Dealock devices –
Bypass Security –
Manufacturers Affected
- Dialog Semiconductors
- Microchip
- STMicroelectronics
- Telink SemiconductorTexas Instruments
- NXP
- Cypress
Public CVEs
| Vulnerability | CVE(s) | Vendor | Script file |
|---|---|---|---|
| Link Layer Length Overflow | CVE-2019-16336 CVE-2019-17519 | Cypress NXP | link_layer_length_overflow.py |
| LLID Deadlock | CVE-2019-17061 CVE-2019-17060 | Cypress NXP | llid_dealock.py |
| Truncated L2CAP | CVE-2019-17517 | Dialog | DA14580_exploit_att_crash.py |
| Silent Length Overflow | CVE-2019-17518 | Dialog | DA14680_exploit_silent_overflow.py |
| Public Key Crash | CVE-2019-17520 | Texas Instruments | CC2640R2_public_key_crash.py |
| Invalid Connection Request | CVE-2019-19193 | Texas Instruments | CC_connection_req_crash.py |
| Invalid L2CAP Fragment | CVE-2019-19195 | Microchip | Microchip_invalid_lcap_fragment.py |
| Sequential ATT Deadlock | CVE-2019-19192 | STMicroelectronics | sequential_att_deadlock.py |
| Key Size Overflow | CVE-2019-19196 | Telink | Telink_key_size_overflow.py |
| Zero LTK Installation | CVE-2019-19194 | Telink | Telink_zero_ltk_installation.py |
| DHCheck Skip | CVE-2020-13593 | Texas Instruments | non_compliance_dhcheck_skip.py |
| ESP32 HCI Desync | CVE-2020-13595 | Espressif Systems | esp32_hci_desync.py |
| Zephyr Invalid Sequence | CVE-2020-10061 | Zephyr Project | zephyr_invalid_sequence.py |
| Invalid Channel Map | CVE-2020-10069 CVE-2020-13594 | Zephyr Project Espressif Systems Microchip | invalid_channel_map.py |
