
TI Bluetooth stack can fail to generate a resolvable Random Private Address (RPA) leading to DoS for already bonded peer devices

BOSCH-SA-466062

Advisory Information

  • Advisory ID: BOSCH-SA-466062
  • CVE Numbers and CVSS v3.1 Scores:
  • Published: 28 May 2024
  • Last Updated: 31 May 2024

Summary

When Defensics test case #SMP legacy 1001 is run in loop mode against a DUT configured to use a resolvable private address, the device eventually begins generating an unresolvable random private address, causing Denial of Service for already bonded peer devices.

The potential vulnerability can impact Bluetooth® Low Energy devices that run the affected SDK versions and have Bluetooth privacy with the resolvable private address feature enabled.

Affected Products

  • Texas Instruments SIMPLELINK-CC13XX-CC26XX-SDK: SimpleLink™ CC13xx and CC26xx software development kit (SDK) on: CC2651P3, CC2651R3, CC2651R3SIPA, CC2642R, CC2642P, CC2652R, CC2652P, CC1352R, CC1352P, CC2652RSIP, CC2652PSIP, CC2642R-Q1
    • CVE-2023-52709
      • Version(s): <= V7.10.02.23

Solution and Mitigations

Solution

The following SDK releases address the potential vulnerability:

| Affected SDK | First SDK version with mitigations | First BLE stack version with mitigations |
|---|---|---|
| CC13XX-26XX-SDK, BLE5-STACK | SIMPLELINK-LOWPOWER-F2-SDK (7.40.00.77) | v2.02.09.00 |
| CC2340 SDK, BLE5-STACK | SimpleLink Low Power F3 SDK (7.40.00.64) | v3.02.04.00 |

Vulnerability Details

CVE-2023-52709

CVE description: Denial of Service in Texas Instruments SIMPLELINK-CC13XX-CC26XX-SDK: SimpleLink™ CC13xx and CC26xx software development kit (SDK) V7.10.02.23 and earlier allows a possible Denial of Service attack.

Remarks

Security Update Information

With respect to Directive (EU) 2019/770 and Directive (EU) 2019/771 and their national transposition laws, please note:

It is your responsibility to download and/or install any security updates provided by us, for example to maintain product or data security. If you fail to install a security update provided to you within a reasonable period of time, we will not be liable for any product defect solely due to the absence of such security update.

Alternatively, we are entitled to directly download and/or install security updates regardless of your settings. In these cases, we will provide you with the relevant information, e.g. in this security advisory.

CVSS Scoring

Vulnerability classification has been performed using the CVSS v3.1 scoring system. The CVSS environmental score is specific to each customer’s environment and should be defined by the customer to attain a final scoring.

Additional Resources

Please contact the Bosch PSIRT if you have feedback, comments, or additional information about this vulnerability at: psirt@bosch.com.

Revision History

  • 31 May 2024: Fixed product name in affected products
  • 28 May 2024: Initial Publication

Appendix

We would like to thank Kevin Mitchell, from ETAS Inc., for reporting this vulnerability and working toward a coordinated disclosure.