Broadcom Information for VU#304725

Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange



Vendor Statement

Some Broadcom products supporting Bluetooth 2.1 or newer technology may be affected by some of the issues reported in VU#304725.

We have made relevant fixes available to our OEM customers, who may release them in their software updates to end-users.​

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.