Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2017-8628
HistorySep 13, 2017 - 1:29 a.m.

CVE-2017-8628

2017-09-1301:29:09
microsoft
web.nvd.nist.gov
264
cve-2017-8628
microsoft
bluetooth driver
spoofing vulnerability
windows server 2008
windows 7
windows 8.1
windows rt 8.1
windows 10 gold
1511
1607
1703
nvd

CVSS2

4.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:P/A:N

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7

Confidence

High

EPSS

0.001

Percentile

46.2%

JSON

Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft’s implementation of the Bluetooth stack, aka “Microsoft Bluetooth Driver Spoofing Vulnerability”.

Affected configurations

Nvd
Vulners
Node
microsoftwindows_10Match-
OR
microsoftwindows_10Match1511
OR
microsoftwindows_10Match1607
OR
microsoftwindows_10Match1703
OR
microsoftwindows_7Match-sp1
OR
microsoftwindows_8.1
OR
microsoftwindows_rt_8.1
OR
microsoftwindows_server_2008Match-sp2
VendorProductVersionCPE
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
microsoftwindows_101511cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
microsoftwindows_101607cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
microsoftwindows_101703cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
microsoftwindows_7-cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
microsoftwindows_8.1*cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
microsoftwindows_rt_8.1*cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
microsoftwindows_server_2008-cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Microsoft Bluetooth Driver",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703."
      }
    ]
  }
]

Related

symantec 1
openvas 7
cvelist 1
mscve 1
prion 1
mskb 9
nvd 1
krebs 1
threatpost 2
qualysblog 1
myhack58 2
seebug 1
thn 1
lenovo 2
fortinet 1
cert 1
pentestit 1
nessus 7
kaspersky 2
talosblog 1
trendmicroblog 1
symantec
symantec
Microsoft Windows Bluetooth Driver CVE-2017-8628 Man in the Middle Spoofing Vulnerability
2017-09-12 00:00:00
openvas
openvas
Microsoft Bluetooth Driver Spoofing Vulnerability (KB4034786)
2017-09-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4038777)
2017-09-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4038792)
2017-09-13 00:00:00
cvelist
cvelist
CVE-2017-8628
2017-09-13 01:00:00
mscve
mscve
Microsoft Bluetooth Driver Spoofing Vulnerability
2017-09-12 07:00:00
prion
prion
Spoofing
2017-09-13 01:29:00
mskb
mskb
Security update for the Microsoft Bluetooth driver spoofing vulnerability in Windows Server 2008: September 12, 2017
2017-09-12 07:00:00
July 11, 2017—KB4025337 (Security-only update)
2017-09-12 07:00:00
July 11, 2017—KB4025333 (Security-only update)
2017-09-12 07:00:00
nvd
nvd
CVE-2017-8628
2017-09-13 01:29:09
krebs
krebs
Adobe, Microsoft Plug Critical Security Holes
2017-09-13 16:42:30
threatpost
threatpost
Microsoft Patches .NET Zero Day Vulnerability in September Update
2017-09-12 15:59:40
Wireless 'BlueBorne' Attacks Target Billions of Bluetooth Devices
2017-09-12 09:00:09
qualysblog
qualysblog
September Patch Tuesday: 27 Critical Vulnerabilities from Microsoft, plus Critical Adobe Patches
2017-09-12 18:23:49
myhack58
myhack58
Bluetooth agreement flaws vulnerability:BlueBorne attack affected the number of 10 million Bluetooth equipped-vulnerability warning-the black bar safety net
2017-09-14 00:00:00
Bluetooth agreement revealed eight major security vulnerability bug, capable of affecting fifty-three billion Bluetooth the efficacy of the equipment-vulnerability warning-the black bar safety net
2017-09-13 00:00:00
seebug
seebug
The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device (BlueBorne)
2017-09-13 00:00:00
thn
thn
BlueBorne: Critical Bluetooth Attack Puts Billions of Devices at Risk of Hacking
2017-09-12 05:52:00
lenovo
lenovo
Bluetooth “BlueBorne” Vulnerabilities - Lenovo Support US
2019-01-23 12:42:26
Bluetooth “BlueBorne” Vulnerabilities - NL
2018-07-19 12:31:00
fortinet
fortinet
BlueBorne vulnerabilities and security flaws in Bluetooth stacks
2017-11-03 00:00:00
cert
cert
Multiple Bluetooth implementation vulnerabilities affect many devices
2017-09-12 00:00:00
pentestit
pentestit
How to: Protect Systems From BlueBorne Attacks?
2017-09-14 21:22:24
nessus
nessus
Windows 2008 September 2017 Multiple Security Updates
2017-09-12 00:00:00
Windows 7 and Windows Server 2008 R2 September 2017 Security Updates
2017-09-12 00:00:00
Windows 8.1 and Windows Server 2012 R2 September 2017 Security Updates
2017-09-12 00:00:00
kaspersky
kaspersky
KLA11899 Multiple vulnerabilities in Microsoft Products (ESU)
2017-09-12 00:00:00
KLA11099 Multiple vulnerabilities in Microsoft Windows
2017-09-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2017
2017-09-12 15:41:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of September 11, 2017
2017-09-15 14:59:53

CVSS2

4.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:P/A:N

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7

Confidence

High

EPSS

0.001

Percentile

46.2%

JSON
Related for CVE-2017-8628
symantec1openvas7cvelist1mscve1prion1mskb9nvd1krebs1threatpost2qualysblog1myhack582seebug1thn1lenovo2fortinet1cert1pentestit1nessus7kaspersky2talosblog1trendmicroblog1