Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ti vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-15948
Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote malicious users to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary ...
Ti Cc256xc-bt-sp Firmware
Ti Cc256xb-bt-sp Firmware
Ti Wl18xx-bt-sp Firmware
7.8
CVSSv3
CVE-2021-27504
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution.
Amazon Freertos 10.4.1
Ti Simplelink Cc26xx Software Development Kit
Ti Simplelink Cc13xx Software Development Kit
Ti Simplelink Cc32xx Software Development Kit
Ti Simplelink Msp432e411y -
Ti Simplelink Msp432e401y -
6.5
CVSSv3
CVE-2019-19193
The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK up to and including 3.30.00.20 and BLE-STACK up to and including 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request ...
Ti Ble-stack
Ti Cc2640r2 Software Development Kit
9.8
CVSSv3
CVE-2023-29468
The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentiall...
Ti Wilink8-wifi-mcp8 8.5
Ti Wilink8-wifi-mcp8
8.8
CVSSv3
CVE-2022-25334
The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) lacks a bounds check on the signature size field in the SK_LOAD module loading routine, present in mask ROM. A module with a sufficiently large signature field causes a stack overflow, affecting...
Ti Omap L138 Firmware -
6.5
CVSSv3
CVE-2019-17520
The Bluetooth Low Energy implementation on Texas Instruments SDK up to and including 3.30.00.20 for CC2640R2 devices does not properly restrict the SM Public Key packet on reception, allowing attackers in radio range to cause a denial of service (crash) via crafted packets.
Ti Cc2640r2 Software Development Kit
8.8
CVSSv3
CVE-2022-25333
The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) performs an RSA check implemented in mask ROM when loading a module through the SK_LOAD routine. However, only the module header authenticity is validated. An adversary can re-use any correctly ...
Ti Omap L138 Firmware -
4.1
CVSSv3
CVE-2022-25332
The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for diffe...
Ti Omap L138 Firmware -
6.5
CVSSv3
CVE-2021-34149
The Bluetooth Classic implementation on the Texas Instruments CC256XCQFN-EM does not properly handle the reception of continuous LMP_AU_Rand packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets ...
Ti Cc256xcqfn-em Firmware -
8.2
CVSSv3
CVE-2020-27890
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute's value.
Ti Z-stack 3.0.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »