CertccCVELIST:CVE-2020-10135CVE-2020-10135 Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks
5.4 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.5%
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.
CNA Affected
[
{
"product": "BR/EDR",
"vendor": "Bluetooth",
"versions": [
{
"lessThanOrEqual": "5.2",
"status": "affected",
"version": "5.2",
"versionType": "custom"
}
]
}
]References
lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html
lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html
packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html
seclists.org/fulldisclosure/2020/Jun/5
francozappa.github.io/about-bias/
kb.cert.org/vuls/id/647177/
www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/
Related
5.4 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.5%