VDE-2022-006
Last update
24.03.2022 11:48
Published at
24.03.2022 11:48
Vendor(s)
Endress+Hauser AG
External ID
VDE-2022-006
CSAF Document
Summary
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service.
Impact
Please consult the CVE entry above.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| SFP50-* | FieldPort SFP50 (mobiLink) | Firmware 1.31<=1.40 |
| SMT70-*MJ, SMT70-*+MJ | mobiLink BT and USB modem CN+KR in bundle with Field Xpert SMT70 | Firmware 1.31<=1.40 |
| SMT77-*+MJ, SMT77-*MJ | mobiLink BT and USB modem CN+KR in bundle with Field Xpert SMT77 | Firmware 1.31<=1.40 |
| SMT50-*MH | mobiLink Bluetooth and USB modem in bundle with Field Xpert SMT50 | Firmware 1.31<=1.40 |
| SMT70-*MH, SMT70-*+MH | mobiLink Bluetooth and USB modem in bundle with Field Xpert SMT70 | Firmware 1.31<=1.40 |
| SMT77-*+MH, SMT77-*MH | mobiLink Bluetooth and USB modem in bundle with Field Xpert SMT77 | Firmware 1.31<=1.40 |
Vulnerabilities
Expand / Collapse all
Published
24.09.2025 12:37
Severity
Weakness
Out-of-bounds Write (CWE-787)
Summary
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore
References
Mitigation
Endress+Hauser recommends using the FieldPort SFP50 only in secure environment and to allow access tothe devices only to authorized persons.
Remediation
Currently no fix planned from chip supplier.
Acknowledgments
Endress+Hauser AG thanks the following parties for their efforts:
- CERT@VDE for coordination (see https://certvde.com )
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 24.03.2022 11:48 | Initial revision. |