====================================================================
                           CERT-Renater

               Information Note No. 2018/VULN359
_____________________________________________________________________

DATE                : 02/11/2018

HARDWARE PLATFORM(S): Cisco Aironet Access Points, Meraki MR,
                      Texas Instruments (TI) chips CC2640 and CC2650.

OPERATING SYSTEM(S): Cisco Wireless LAN Controller Software.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap
_____________________________________________________________________

Cisco Security Advisory: Texas Instruments Bluetooth Low Energy Denial of Service and Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20181101-ap
Revision: 1.0
For Public Release: 2018 November 1 15:00 GMT
Last Updated: 2018 November 1 15:00 GMT
CVE ID(s): CVE-2018-16986
CVSS Score v(3): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

+---------------------------------------------------------------------

Summary
=======

On November 1st, 2018, Armis announced the presence of a Remote Code Execution (RCE) or Denial of Service (DoS) vulnerability in the Bluetooth Low Energy (BLE) Stack on Texas Instruments (TI) chips CC2640 and CC2650. This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID of CVE-2018-16986.

The vulnerability is due to a memory corruption condition that may occur when processing malformed BLE frames. An attacker in close proximity to an affected device that is actively scanning could exploit the issue by broadcasting malformed BLE frames. A successful exploit may result in the attacker gaining the ability to execute arbitrary code or cause a denial of service condition on an affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |    email:cert@support.renater.fr +
=========================================================