Exploring SweynTooth: Securing Your Devices from Known Vulnerabilities

Exploring SweynTooth: Securing Your Devices from Known Vulnerabilities

SweynTooth is an alarming name being heard in the tech news lately. This is due to the critical vulnerabilities found on Bluetooth Stacks from some leading manufacturers. This vulnerability could potentially put millions of internet-enabled devices around the world at risk.

SweynTooth can be used to carry out Denial of Service (DoS) attacks or other malicious activities. Learn more about how to protect yourself and your devices from this threat.

SweynTooth Capabilities

Crash Devices –

Dealock devices –

Bypass Security

Manufacturers Affected

  • Dialog Semiconductors
  • Microchip
  • STMicroelectronics
  • Telink SemiconductorTexas Instruments
  • NXP
  • Cypress

Public CVEs

Vulnerability

CVE(s)

Vendor

Script file

Link Layer Length Overflow

CVE-2019-16336
CVE-2019-17519

Cypress
NXP

link_layer_length_overflow.py

LLID Deadlock

CVE-2019-17061
CVE-2019-17060

Cypress
NXP

llid_dealock.py

Truncated L2CAP

CVE-2019-17517

Dialog

DA14580_exploit_att_crash.py

Silent Length Overflow

CVE-2019-17518

Dialog

DA14680_exploit_silent_overflow.py

Public Key Crash

CVE-2019-17520

Texas Instruments

CC2640R2_public_key_crash.py

Invalid Connection Request

CVE-2019-19193

Texas Instruments

CC_connection_req_crash.py

Invalid L2CAP Fragment

CVE-2019-19195

Microchip

Microchip_invalid_lcap_fragment.py

Sequential ATT Deadlock

CVE-2019-19192

STMicroelectronics

sequential_att_deadlock.py

Key Size Overflow

CVE-2019-19196

Telink

Telink_key_size_overflow.py

Zero LTK Installation

CVE-2019-19194

Telink

Telink_zero_ltk_installation.py

DHCheck Skip

CVE-2020-13593

Texas Instruments

non_compliance_dhcheck_skip.py

ESP32 HCI Desync

CVE-2020-13595

Espressif Systems

esp32_hci_desync.py

Zephyr Invalid Sequence

CVE-2020-10061

Zephyr Project

zephyr_invalid_sequence.py

Invalid Channel Map

CVE-2020-10069
CVE-2020-13594

Zephyr Project
Espressif Systems
Microchip

invalid_channel_map.py

ICS Alert (ICS-ALERT-20-063-01)