SWRA740 February   2022 CC3100 , CC3100MOD , CC3120 , CC3120MOD , CC3130 , CC3135 , CC3135MOD , CC3200 , CC3200MOD , CC3220MOD , CC3220MODA , CC3220R , CC3220S , CC3220SF , CC3230S , CC3230SF , CC3235MODAS , CC3235MODASF , CC3235MODS , CC3235MODSF , CC3235S , CC3235SF


  1.   TI-PSIRT-2021-100117


Publication date: Feb 15, 2022

CVEID: CVE-2021-21966


The SimpleLink™ CC32xx/CC31xx includes an integrated HTTP server that provides services which can be activated without involving the application processor (services are offloaded from the application processor). Among the HTTP services is a ping utility that can be used to test and troubleshoot network connectivity issues.

When the utility is activated, the device sends a ping with an optional payload buffer. The buffer used to send the payload is not initialized properly and may include sensitive information.

The vulnerability was originally reported on TI’s CC3200, but TI has analyzed the potential effect on all SimpleLink Wi-Fi CC32xx/CC31xx generations, and those affected versions are listed below.

Common Vulnerability Scoring System (CVSS) base score: 5.3

CVSS vector:

Affected products and versions

Potentially impacted features

The vulnerability requires that the integrated HTTP server is enabled and the attacker is connected to the same LAN as the device in order to access the integrated HTTP server services. The attacker must also know the device IP address.

Suggested mitigations

The updates below have been released and fix this vulnerability:

  • SimpleLink_cc32xx_sdk_5_30_00_08
    • Products supported: CC3220R/S/SF, CC3120, CC3230S/SF, CC3130, CC3235S/SF, CC3135
    • Service pack versions
      • CC3x20: sp_3.21.0.1_2.7.0.0_2.2.0.7
      • CC3x3x: sp_4.12.0.1_3.7.0.1_3.1.0.26
  • CC3100_CC3200_ServicePack_1.0.1.15-
    • Products supported: CC3100, CC3200
    • Service pack version:
      • servicepack_1.0.1.15-

It is recommended that customers of affected products apply these suggested mitigations.

Customers should also consider disabling the integrated HTTP server when not used in order to reduce the attack surface on their products.


We would like to thank Cisco Talos team for reporting this vulnerability to the TI Product Security Incident Response Team (PSIRT).

External reference

Talos Vulnerability Report TALOS-2021-1393

Revision history

  • Version 1.0 Initial publication