Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks

🗓️ 18 May 2020 00:00:00Reported by CERTType

cert

cert🔗 www.kb.cert.org👁 66 Views

Bluetooth BR/EDR vulnerability to BIAS attac

Reporter	Title	Published	Views	Family All 191
Apple	About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra	22 Jul 201900:00	–	apple
Apple	About the security content of watchOS 5.3	22 Jul 201900:00	–	apple
Apple	About the security content of tvOS 12.4	22 Jul 201900:00	–	apple
Apple	About the security content of iOS 12.4	22 Jul 201900:00	–	apple
Apple	About the security content of iOS 12.4 - Apple Support	25 Jun 202007:44	–	apple
Apple	About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra - Apple Support	25 Jun 202007:44	–	apple
Apple	About the security content of tvOS 12.4 - Apple Support	25 Jun 202007:44	–	apple
Apple	About the security content of watchOS 5.3 - Apple Support	25 Jun 202007:44	–	apple
AstraLinux	Astra Linux - уязвимость в linux	3 May 202623:59	–	astralinux
BDU FSTEC	The vulnerability of the Bluetooth BR/EDR encryption key negotiation protocol lies in its authentication procedures’ deficiencies, which allow attackers to compromise the confidentiality and integrity of the protected information.	2 Feb 202100:00	–	bdu_fstec

Source	Link
bluetooth	www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/
francozappa	www.francozappa.github.io/about-bias/
github	www.github.com/francozappa/bias
publications	www.publications.cispa.saarland/3064/
youtube	www.youtube.com/watch
knobattack	www.knobattack.com/
bluetooth	www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/

10 Feb 2021 20:15Current

6.9Medium risk

Vulners AI Score6.9

CVSS 24.8

CVSS 3.15.4

EPSS0.02386

bluetooth impersonation attack security .