Bluetooth Vulnerability CVE-2019-9506 in WICED Studio 6.x

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
TaMi_1708256
Level 2
Level 2
50 sign-ins First like given 25 sign-ins

Hi

I have a question about Bluetooth Vulnerability(CVE-2019-9506) in WICED Stuido 6 or future release.

Because this vulnerability is encryption key size issue,  I think it is relevant to all Bluetooth Classic devices.

Is there this vulnerability in the released WICED Studio version (6.2 or 6.4)?

If it have  this vulnerability,   are you planning to fix this vulnerability in the future?

Best Regards,

0 Likes
1 Solution
SheetalJ
Moderator
Moderator
Moderator
First comment on KBA 750 replies posted 500 likes received

Hi TaMi_1708256​,

Cypress has recognized this issue and an official statement is posted on Community: Security Bulletin: Key Negotiation Of Bluetooth (KNOB) Vulnerability

The fix for this vulnerability is not provided in WICED 6.2 or 6.4, our software team is working internally to fix this. To get temporary support/ workaround, please get in touch with Your local Cypress team.

View solution in original post

2 Replies
SheetalJ
Moderator
Moderator
Moderator
First comment on KBA 750 replies posted 500 likes received

Hi TaMi_1708256​,

Cypress has recognized this issue and an official statement is posted on Community: Security Bulletin: Key Negotiation Of Bluetooth (KNOB) Vulnerability

The fix for this vulnerability is not provided in WICED 6.2 or 6.4, our software team is working internally to fix this. To get temporary support/ workaround, please get in touch with Your local Cypress team.

Hi Sheetalj_96

Thank you for your reply.

We are not in a hurry, so we will wait for WICED Studio Fix.

I expect the next WICED Studio release to contain this fixe.

Thanks

0 Likes