CVE-2021-34146: Medium severity cypress cyw920735q60evb-01 vulnerability
The Bluetooth Classic implementation in the Cypress CYW920735Q60EVB does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and restart (crash) of the device by flooding it with LMPAURand packets after the paging procedure.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2021-34146?
The severity of CVE-2021-34146 is medium with a severity score of 6.5.
What is the affected software of CVE-2021-34146?
The affected software of CVE-2021-34146 includes Cypress Cyw920735q60evb-01 Firmware and Cypress Cyw20735b1 Firmware.
How does CVE-2021-34146 impact the Cypress CYW920735Q60EVB device?
CVE-2021-34146 allows attackers in radio range to trigger a denial of service and restart (crash) of the Cypress CYW920735Q60EVB device by flooding it with LMP_AU_Rand packets.
Is Cypress Cyw20735b1 vulnerable to CVE-2021-34146?
No, Cypress Cyw20735b1 is not vulnerable to CVE-2021-34146.
Where can I find more information about CVE-2021-34146?
You can find more information about CVE-2021-34146 in the following references: [link1](https://dl.packetstormsecurity.net/papers/general/braktooth.pdf) and [link2](https://www.cypress.com/documentation/datasheets/cyw20735b1-single-chip-bluetooth-transceiver-wireless-input-devices).