CVEs-PoC/2021/CVE-2021-28139.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.0 KiB

Raw Permalink Blame History

CVE-2021-28139

Description

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield payload.

POC

Reference

https://dl.packetstormsecurity.net/papers/general/braktooth.pdf

Github

https://github.com/JeffroMF/awesome-bluetooth-security321
https://github.com/Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks
https://github.com/engn33r/awesome-bluetooth-security
https://github.com/iotsrg/IoT-Pentest-devices-and-purpose
https://github.com/sgxgsx/BlueToolkit

1.0 KiB Raw Permalink Blame History

CVE-2021-28139

Description

POC

Reference

Github

1.0 KiB

Raw Permalink Blame History