SweynTooth is an alarming name being heard in the tech news lately. This is due to the critical vulnerabilities found on Bluetooth Stacks from some leading manufacturers. This vulnerability could potentially put millions of internet-enabled devices around the world at risk.

SweynTooth can be used to carry out Denial of Service (DoS) attacks or other malicious activities. Learn more about how to protect yourself and your devices from this threat.

SweynTooth Capabilities

Crash Devices –

Dealock devices –

Bypass Security

Manufacturers Affected

  • Dialog Semiconductors
  • Microchip
  • STMicroelectronics
  • Telink SemiconductorTexas Instruments
  • NXP
  • Cypress

Public CVEs

VulnerabilityCVE(s)VendorScript file
Link Layer Length OverflowCVE-2019-16336
CVE-2019-17519
Cypress
NXP
link_layer_length_overflow.py
LLID DeadlockCVE-2019-17061
CVE-2019-17060
Cypress
NXP
llid_dealock.py
Truncated L2CAPCVE-2019-17517DialogDA14580_exploit_att_crash.py
Silent Length OverflowCVE-2019-17518DialogDA14680_exploit_silent_overflow.py
Public Key CrashCVE-2019-17520Texas InstrumentsCC2640R2_public_key_crash.py
Invalid Connection RequestCVE-2019-19193Texas InstrumentsCC_connection_req_crash.py
Invalid L2CAP FragmentCVE-2019-19195MicrochipMicrochip_invalid_lcap_fragment.py
Sequential ATT DeadlockCVE-2019-19192STMicroelectronicssequential_att_deadlock.py
Key Size OverflowCVE-2019-19196TelinkTelink_key_size_overflow.py
Zero LTK InstallationCVE-2019-19194TelinkTelink_zero_ltk_installation.py
DHCheck SkipCVE-2020-13593Texas Instrumentsnon_compliance_dhcheck_skip.py
ESP32 HCI DesyncCVE-2020-13595Espressif Systemsesp32_hci_desync.py
Zephyr Invalid SequenceCVE-2020-10061Zephyr Projectzephyr_invalid_sequence.py
Invalid Channel MapCVE-2020-10069
CVE-2020-13594
Zephyr Project
Espressif Systems
Microchip
invalid_channel_map.py

ICS Alert (ICS-ALERT-20-063-01)

SweynTooth

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

Read our privacy policy for more info.

Categorized in:

Bluetooth Hacking,

Last Update: 17/01/2024