CVE-2024-48289: Medium severity cypress bluetooth sdk vulnerability
Published Nov 1, 2024
·Updated
An issue in the Bluetooth Low Energy implementation of Cypress Bluetooth SDK v3.66 allows attackers to cause a Denial of Service (DoS) via supplying a crafted LLPAUSEENCREQ packet.
Affected Software
1 affected component
Cypress Bluetooth SDK
Event History
Nov 1, 2024
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Data Sourced
via NVD·03:15 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2024-48289?
CVE-2024-48289 is classified as a Denial of Service (DoS) vulnerability.
2
How do I fix CVE-2024-48289?
To fix CVE-2024-48289, update to a patched version of the Cypress Bluetooth SDK beyond v3.66.
3
What type of attack does CVE-2024-48289 allow?
CVE-2024-48289 allows attackers to execute a Denial of Service attack by sending a crafted LL_PAUSE_ENC_REQ packet.
4
Which software is affected by CVE-2024-48289?
CVE-2024-48289 affects the Cypress Bluetooth SDK version 3.66.
5
How can I mitigate risks associated with CVE-2024-48289?
Mitigating risks associated with CVE-2024-48289 involves ensuring the use of the latest security patches and updates for the Cypress Bluetooth SDK.