Search criteria
2 vulnerabilities found for cc2640r2f by ti
VAR-201811-0299
Vulnerability from variot - Updated: 2025-01-30 21:06Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow. Texas Instruments Microcontroller CC2640 and CC2650 Used in the firmware of BLE-Stack Contains a buffer overflow vulnerability. Insufficient memory operation range (CWE-119) - CVE-2018-16986 Texas Instruments Microcontroller CC2640 and CC2650 Used in the firmware of BLE-Stack Is BLE advertising There is a problem with packet processing. In the chip ROM Included in the image llGetAdvChanPDU Function received advertising Parses the packet and copies its contents to another buffer. If the received data exceeds a certain length, BLE-Stack Included in applications that run on halAssertHandler It is a mechanism to call a function and continue processing. The following chips are vulnerable: CC2640 (non-R2) with BLE-STACK version 2.2.1 or prior CC2650 with BLE-STACK version 2.2.1 or prior CC2640R2F with SimpleLink CC2640R2 SDK version 1.00.00.22 (BLE-STACK 3.0.0) CC1350 with SimpleLink CC13x0 SDK version 2.20.00.38 (BLE-STACK 2.3.3) or prior
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ble-stack",
"scope": "eq",
"trust": 1.0,
"vendor": "ti",
"version": "3.0.0"
},
{
"model": "ble-stack",
"scope": "lte",
"trust": 1.0,
"vendor": "ti",
"version": "2.2.1"
},
{
"model": "ble-stack",
"scope": "lte",
"trust": 1.0,
"vendor": "ti",
"version": "2.3.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": "ble-stack",
"scope": "lt",
"trust": 0.8,
"vendor": "texas instrument",
"version": "v2.2.2 earlier"
},
{
"model": "simplelink cc2640r2 sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "1.00.00.22"
},
{
"model": "simplelink cc13x0 sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "2.20.00.38"
},
{
"model": "cc2650",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc2640r2f",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc2640",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc1350",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "3.0"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "2.3.3"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "2.2.1"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "2.1.1"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "2.1"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "2.0"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "1.4.1"
},
{
"model": "ble-stack",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "1.4"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr53e",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr42e",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4800"
},
{
"model": "aironet 1815m",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet 1815i",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "aironet 1800i",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15400"
},
{
"model": "simplelink cc2640r2 sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "ti",
"version": "1.30.00.25"
},
{
"model": "simplelink cc13x0 sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "ti",
"version": "2.30.00.20"
},
{
"model": "ble-stack",
"scope": "ne",
"trust": 0.3,
"vendor": "ti",
"version": "3.0.1"
},
{
"model": "ble-stack",
"scope": "ne",
"trust": 0.3,
"vendor": "ti",
"version": "2.3.4"
},
{
"model": "ble-stack",
"scope": "ne",
"trust": 0.3,
"vendor": "ti",
"version": "2.2.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#317277"
},
{
"db": "BID",
"id": "105812"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:texas_instrument:ukcms:ble-stack",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco would like to thank Ben Seri, for finding and reporting this vulnerability., VP of Research at Armis",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
}
],
"trust": 0.6
},
"cve": "CVE-2018-16986",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-16986",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-16986",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-16986",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-025",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
},
{
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow. Texas Instruments Microcontroller CC2640 and CC2650 Used in the firmware of BLE-Stack Contains a buffer overflow vulnerability. Insufficient memory operation range (CWE-119) - CVE-2018-16986 Texas Instruments Microcontroller CC2640 and CC2650 Used in the firmware of BLE-Stack Is BLE advertising There is a problem with packet processing. In the chip ROM Included in the image llGetAdvChanPDU Function received advertising Parses the packet and copies its contents to another buffer. If the received data exceeds a certain length, BLE-Stack Included in applications that run on halAssertHandler It is a mechanism to call a function and continue processing. \nThe following chips are vulnerable:\nCC2640 (non-R2) with BLE-STACK version 2.2.1 or prior\nCC2650 with BLE-STACK version 2.2.1 or prior\nCC2640R2F with SimpleLink CC2640R2 SDK version 1.00.00.22 (BLE-STACK 3.0.0)\nCC1350 with SimpleLink CC13x0 SDK version 2.20.00.38 (BLE-STACK 2.3.3) or prior",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16986"
},
{
"db": "CERT/CC",
"id": "VU#317277"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"db": "BID",
"id": "105812"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#317277",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2018-16986",
"trust": 2.8
},
{
"db": "BID",
"id": "105812",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1042018",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU98767431",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008978",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.1300",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201811-025",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CERT/CC",
"id": "VU#317277"
},
{
"db": "BID",
"id": "105812"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
},
{
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"id": "VAR-201811-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"network device"
],
"sub_category": "bluetooth device",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:06:31.758000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": " Aruba BLE Radio Firmware Vulnerability ",
"trust": 0.8,
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-006.txt"
},
{
"title": "BLE-Stack 2.2.2",
"trust": 0.8,
"url": "http://software-dl.ti.com/lprf/ble_stack/exports/release_notes_BLE_Stack_2_2_2.html"
},
{
"title": "Texas Instruments CC2640 and CC2650 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86570"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://armis.com/bleedingbit/"
},
{
"trust": 2.7,
"url": "https://www.kb.cert.org/vuls/id/317277"
},
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181101-ap"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105812"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1042018"
},
{
"trust": 1.6,
"url": "http://e2e.ti.com/support/wireless-connectivity/bluetooth/f/538/t/742827"
},
{
"trust": 1.1,
"url": "http://software-dl.ti.com/lprf/ble_stack/exports/release_notes_ble_stack_2_2_2.html"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.8,
"url": "https://www.arubanetworks.com/assets/alert/aruba-psa-2018-006.txt"
},
{
"trust": 0.8,
"url": "http://dev.ti.com/tirex/content/simplelink_cc2640r2_sdk_2_30_00_28/docs/blestack/ble_user_guide/html/ble3-stack-oad/index-ble3-cc2640.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16986"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98767431/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16986"
},
{
"trust": 0.6,
"url": "https://fortiguard.com/psirt/fg-ir-18-356"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/79126"
},
{
"trust": 0.3,
"url": "http://www.ti.com/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CERT/CC",
"id": "VU#317277"
},
{
"db": "BID",
"id": "105812"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
},
{
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CERT/CC",
"id": "VU#317277"
},
{
"db": "BID",
"id": "105812"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
},
{
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-01T00:00:00",
"db": "CERT/CC",
"id": "VU#317277"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "105812"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"date": "2018-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-025"
},
{
"date": "2018-11-06T15:29:00.327000",
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-07T00:00:00",
"db": "CERT/CC",
"id": "VU#317277"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "105812"
},
{
"date": "2019-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008978"
},
{
"date": "2021-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-025"
},
{
"date": "2024-11-21T03:53:39.360000",
"db": "NVD",
"id": "CVE-2018-16986"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Texas Instruments CC2640 and CC2650 microcontrollers vulnerable to heap overflow and insecure update",
"sources": [
{
"db": "CERT/CC",
"id": "VU#317277"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-025"
}
],
"trust": 0.6
}
}
VAR-201812-0630
Vulnerability from variot - Updated: 2024-11-23 22:30A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console port. This vulnerability is applicable only if the BLE radio has been enabled in affected access points. The BLE radio is disabled by default. Note - Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986. Aruba Access point Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Texas Instruments Bluetooth Low Energy Chips are prone to an remote code-execution vulnerability. Successfully exploiting this issue will allow an attackers to execute arbitrary code. Aruba AP-3xx and others are wireless access point devices of Aruba Networks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0630",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.2.2.2"
},
{
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.3.0.4"
},
{
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.3.0"
},
{
"model": "203rp",
"scope": "eq",
"trust": 1.0,
"vendor": "arubanetworks",
"version": null
},
{
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.4.4.0"
},
{
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.4.9"
},
{
"model": "203r",
"scope": "eq",
"trust": 1.0,
"vendor": "arubanetworks",
"version": null
},
{
"model": "ap-300 series access points",
"scope": "eq",
"trust": 1.0,
"vendor": "arubanetworks",
"version": null
},
{
"model": "ap-300 series instant access points",
"scope": "eq",
"trust": 1.0,
"vendor": "arubanetworks",
"version": null
},
{
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.4.4.20"
},
{
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.0.0.0"
},
{
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.3.9"
},
{
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.4.0"
},
{
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.3.0.0"
},
{
"model": "203r",
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": "203rp",
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": "300 series access points",
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": "instant ap",
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": "arubaos",
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": "cc2650",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc2642r",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc2640r2f",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc2640",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc2541",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "cc2540",
"scope": "eq",
"trust": 0.3,
"vendor": "ti",
"version": "0"
},
{
"model": "iap-3xx",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.3.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.0"
},
{
"model": "ap-3xx",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "ap-203rp",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "ap-203r",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.3.0.4"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.2.2.2"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.9"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.9"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.20"
}
],
"sources": [
{
"db": "BID",
"id": "105814"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:arubanetworks:203r_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:arubanetworks:203rp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:arubanetworks:ap-300_series_access_points_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:arubanetworks:instant_access_point_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:arubanetworks:arubaos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Armis",
"sources": [
{
"db": "BID",
"id": "105814"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
}
],
"trust": 0.9
},
"cve": "CVE-2018-7080",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CVE-2018-7080",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "VHN-137112",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2018-7080",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7080",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7080",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-090",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137112",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137112"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
},
{
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP\u0027s BLE radio and could then gain access to the AP\u0027s console port. This vulnerability is applicable only if the BLE radio has been enabled in affected access points. The BLE radio is disabled by default. Note - Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986. Aruba Access point Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Texas Instruments Bluetooth Low Energy Chips are prone to an remote code-execution vulnerability. \nSuccessfully exploiting this issue will allow an attackers to execute arbitrary code. Aruba AP-3xx and others are wireless access point devices of Aruba Networks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7080"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "BID",
"id": "105814"
},
{
"db": "VULHUB",
"id": "VHN-137112"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7080",
"trust": 2.8
},
{
"db": "BID",
"id": "105814",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-090",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-137112",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137112"
},
{
"db": "BID",
"id": "105814"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
},
{
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"id": "VAR-201812-0630",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137112"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:30:10.495000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2018-006",
"trust": 0.8,
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-006.txt"
},
{
"title": "Texas Instruments Bluetooth Low Energy Chips Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86610"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137112"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://www.arubanetworks.com/assets/alert/aruba-psa-2018-006.txt"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105814"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7080"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7080"
},
{
"trust": 0.3,
"url": "http://www.arubanetworks.com/"
},
{
"trust": 0.3,
"url": "http://www.ti.com/"
},
{
"trust": 0.3,
"url": "https://armis.com/bleedingbit/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137112"
},
{
"db": "BID",
"id": "105814"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
},
{
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-137112"
},
{
"db": "BID",
"id": "105814"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
},
{
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-137112"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "105814"
},
{
"date": "2019-03-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"date": "2018-11-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-090"
},
{
"date": "2018-12-07T21:29:01.390000",
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-137112"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "105814"
},
{
"date": "2019-03-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014398"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-090"
},
{
"date": "2024-11-21T04:11:37.020000",
"db": "NVD",
"id": "CVE-2018-7080"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aruba Access point Vulnerabilities related to security functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014398"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-090"
}
],
"trust": 0.6
}
}