Strictly necessary cookies are on by default and cannot be turned off. Functional, Performance and Tracking/targeting/sharing cookies can be turned on below based on your preferences (this banner will remain available for you to accept cookies). You may change your cookie settings by deleting cookies from your browser. Then this banner will appear again. You can learn more details about cookies HERE.
Strictly necessary (always on)
Functional, Performance and Tracking/targeting/sharing (default off)
Security Bulletin: BLE Security Vulnerabilities CVE-2019-17061 and CVE-2019-16336 (Status Update)
Security Bulletin: BLE Security Vulnerabilities
CVE-2019-17061 and CVE-2019-16336 (Status Update)
Cypress has reviewed and analyzed recent reports on BLE security vulnerabilities outlined in CVE-2019-17061 and CVE-2019-16336, collectively referred to as the SweynTooth Bluetooth Low Energy (BLE) vulnerabilities. These vulnerabilities have been addressed via firmware updates. Below is the status update:
PSoC 4 BLE
BLE Component 3.63 in PSoC Creator
BLE Component 3.64 in PSoC Creator
PSoC 6 BLE
BLE Middleware 3.30 used by ModusToolBox 2.x
PDL 3.1.1 in PSoC Creator
BLE Middleware 3.40 used by ModusToolBox 2.x
PDL 3.1.2 in PSoC Creator
Other Cypress Devices
To date, Cypress has not observed vulnerabilities associated with CVE-2019-17061 and CVE-2019-16336 in other devices. Customers using other devices or requiring further assistance can receive support by creating a case through our secure support portal or by contacting their Cypress representative.
If you believe you have identified a vulnerability in any Cypress product, please visit our security response page and email the Product Security Incident Response Team (PSIRT) at firstname.lastname@example.org.