How severe is CVE-2021-28136?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-28136?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2021-28136 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.

Related Vulnerabilities

CVE-2014-1523

MEDIUM

CVSS:6.5(Medium)

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a ...

CWE-7872014

CVE-2014-8128

MEDIUM

CVSS:6.5(Medium)

LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.

CWE-7872014

CVE-2015-8613

MEDIUM

CVSS:6.5(Medium)

Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance...

CWE-7872015

CVE-2015-8781

MEDIUM

CVSS:6.5(Medium)

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-...

CWE-7872015

CVE-2015-8782

MEDIUM

CVSS:6.5(Medium)

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.

CWE-7872015

CVE-2015-8784

MEDIUM

CVSS:6.5(Medium)

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.

CWE-7872015