SweynTooth is an alarming name being heard in the tech news lately. This is due to the critical vulnerabilities found on Bluetooth Stacks from some leading manufacturers. This vulnerability could potentially put millions of internet-enabled devices around the world at risk.
Table of Contents
SweynTooth can be used to carry out Denial of Service (DoS) attacks or other malicious activities. Learn more about how to protect yourself and your devices from this threat.
SweynTooth Capabilities
Crash Devices –
Dealock devices –
Bypass Security –
Manufacturers Affected
- Dialog Semiconductors
- Microchip
- STMicroelectronics
- Telink SemiconductorTexas Instruments
- NXP
- Cypress
Public CVEs
Vulnerability | CVE(s) | Vendor | Script file |
---|---|---|---|
Link Layer Length Overflow | CVE-2019-16336 CVE-2019-17519 | Cypress NXP | link_layer_length_overflow.py |
LLID Deadlock | CVE-2019-17061 CVE-2019-17060 | Cypress NXP | llid_dealock.py |
Truncated L2CAP | CVE-2019-17517 | Dialog | DA14580_exploit_att_crash.py |
Silent Length Overflow | CVE-2019-17518 | Dialog | DA14680_exploit_silent_overflow.py |
Public Key Crash | CVE-2019-17520 | Texas Instruments | CC2640R2_public_key_crash.py |
Invalid Connection Request | CVE-2019-19193 | Texas Instruments | CC_connection_req_crash.py |
Invalid L2CAP Fragment | CVE-2019-19195 | Microchip | Microchip_invalid_lcap_fragment.py |
Sequential ATT Deadlock | CVE-2019-19192 | STMicroelectronics | sequential_att_deadlock.py |
Key Size Overflow | CVE-2019-19196 | Telink | Telink_key_size_overflow.py |
Zero LTK Installation | CVE-2019-19194 | Telink | Telink_zero_ltk_installation.py |
DHCheck Skip | CVE-2020-13593 | Texas Instruments | non_compliance_dhcheck_skip.py |
ESP32 HCI Desync | CVE-2020-13595 | Espressif Systems | esp32_hci_desync.py |
Zephyr Invalid Sequence | CVE-2020-10061 | Zephyr Project | zephyr_invalid_sequence.py |
Invalid Channel Map | CVE-2020-10069 CVE-2020-13594 | Zephyr Project Espressif Systems Microchip | invalid_channel_map.py |
ICS Alert (ICS-ALERT-20-063-01)
After