CC2745R10-Q1: Information needed on the CVE numbers: CVE-2024-45431, CVE-2024-45432, CVE-2024-45433, CVE-2024-45434

VENKATESH VENUGOPAL

Part Number: CC2745R10-Q1

Tool/software:

Hello E2E forum members,

Currently for our bluetooth product, we are using micro CC2745R10-Q1 and SDK simplelink_lowpower_f3_sdk_9_10_00_83.

Please provide information, whether these CVE are applicable to this devices or any other devices

Thank you!

0 Nima 2 months ago

Hello,

You can refer to the PSIRT page for information on CVE and reported vulnerabilities: Report potential product security vulnerabilities | TI.com

If you scroll down the page you will see "Security bulletin" which has the list of vulnerabilities that have been reported and/or TI is aware of.

Best,

Nima Behmanesh

0 VENKATESH VENUGOPAL 2 months ago in reply to Nima

Hello Nima,

I have already checked this PSIRT page, they report vulnerabilities till 2023, no information above CVE ID

0 Evan W 1 month ago in reply to VENKATESH VENUGOPAL

Venkatesh,

These CVE's only seem to impact the BlueSDK Bluetooth Stack developed by OpenSynergy according to this article: This Bluetooth Exploit Can Hack a Mercedes, Volkswagen — No Tools, Just a Pairing Request

These have not been reported to TI so no impact.

Bluetooth forum