CERTVU:647177Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks
5.4 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
45.6%
Overview
Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations are used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. It is possible for an unauthenticated, adjacent attacker to impersonate a previously paired/bonded device and successfully authenticate without knowing the link key. This could allow an attacker to gain full access to the paired device by performing a Bluetooth Impersonation Attack (BIAS).
Description
Bluetooth is a short-range wireless technology based off of a core specification that defines six different core configurations, including the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations. Bluetooth BR/EDR is used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. It is possible for an unauthenticated, adjacent attacker to spoof the address of a previously paired remote device to successfully complete the authentication procedure with some paired/bonded devices without knowing the link key.
The Bluetooth Impersonation Attack (BIAS) can be performed in two different ways, depending on which Secure Simple Pairing method (either Legacy Secure Connections or Secure Connections) was previously used to establish a connection between two devices. If the pairing procedure was completed using the Secure Connections method, the attacker could claim to be the previously paired remote device that no longer supports secure connections, thereby downgrading the authentication security. This would allow the attacker to proceed with the BIAS method against the legacy authentication unless the device they are attacking is in Secure Connections only mode. If the attacker can either downgrade authentication or is attacking a device that does not support Secure Connections, they can perform the attack using a similar method by initiating a master-slave role switch to place itself into the master role and become the authentication initiator. If successful, they complete the authentication with the remote device. If the remote device does not then mutually authenticate with the attacker in the master role, it will result in the authentication-complete notification on both devices, even though the attacker does not possess the link key.
The BIAS method is able to be performed for the following reasons: Bluetooth secure connection establishment is not encrypted and the selection of secure connections pairing method is not enforced for an already established pairing, Legacy Secure Connections secure connection establishment does not require mutual authentication, a Bluetooth device can perform a role switch any time after baseband paging, and devices who paired using Secure Connections can use Legacy Secure Connections during secure connection establishment.
Impact
An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key. The BIAS attack could be combined with the Key Negotiation of Bluetooth (KNOB) attack to “impersonate a Bluetooth device, complete authentication without possessing the link key, negotiate a session key with low entropy, establish a secure connection, and brute force the session key”. An attacker could initiate a KNOB attack on encryption key strength without intervening in an ongoing pairing procedure through an injection attack. If the accompanying KNOB attack is successful, an attacker may gain full access as the remote paired device. If the KNOB attack is unsuccessful, the attacker will not be able to establish an encrypted link but may still appear authenticated to the host.
Solution
Bluetooth host and controller suppliers should refer to the Bluetooth SIG’s statement for guidance on updating their products. Downstream vendors should refer to their suppliers for updates.
Acknowledgements
Thanks to Daniele Antonioli of Singapore University of Technology and Design, Nils Ole Tippenhauer of CISPA Helmholtz Center for Information Security, and Kasper Rasmussen of the University of Oxford for reporting this vulnerability.
This document was written by Madison Oliver.
Vendor Information
647177
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Apple Affected
| Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
|---|
Vendor Statement
We have not received a statement from the vendor.
Bluetooth SIG __ Affected
| Notified: 2020-06-09 Updated: 2020-05-18 CVE-2020-10135 | Affected |
|---|
Vendor Statement
We have not received a statement from the vendor.
References
- <https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/blueto>
- oth-security/bias-vulnerability/
Broadcom Affected
| Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
|---|
Vendor Statement
We have not received a statement from the vendor.
Cypress Semiconductor Affected
| Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
|---|
Vendor Statement
We have not received a statement from the vendor.
Qualcomm Affected
| Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
|---|
Vendor Statement
We have not received a statement from the vendor.
Samsung Affected
| Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
|---|
Vendor Statement
We have not received a statement from the vendor.
Check Point __ Not Affected
Notified: 2020-04-06 Updated: 2020-04-14
Statement Date: April 10, 2020
| CVE-2020-10135 | Not Affected |
|---|
Vendor Statement
Not vulnerable.
LANCOM Systems GmbH __ Not Affected
Notified: 2020-04-06 Updated: 2020-05-26
Statement Date: May 17, 2020
| CVE-2020-10135 | Not Affected |
|---|
Vendor Statement
LANCOM Systems products are not vulnerable to these vulnerabilities.
Zyxel Not Affected
Notified: 2020-04-06 Updated: 2020-04-20
Statement Date: April 13, 2020
| CVE-2020-10135 | Not Affected |
|---|
Vendor Statement
We have not received a statement from the vendor.
Intel __ Unknown
| Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
Intel’s Bluetooth Controllers (part of Wi-Fi/Bluetooth products) are not affected.
CERT Addendum
While the researchers have listed Intel controllers as affected by this vulnerability in their original report, Intel has disagreed and claims to be unaffected. The researchers have observed a lack of mutual authentication when using legacy secure connection, but that mutual authentication could, in theory, be implemented either in the controller or the host. The Bluetooth SIG has concluded that this was always the responsibility of the host and the current spec errata that have been adopted is just clarifying this fact. The host operating systems are responsible for implementing the mitigation.
A10 Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
ACCESS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
ADTRAN Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
ANTlabs Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
ARRIS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
ASUSTeK Computer Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
AT&T Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
AVM GmbH Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Actelis Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Actiontec Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Aerohive Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
AhnLab Inc Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
AirWatch Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Akamai Technologies Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Alcatel-Lucent Enterprise Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Allied Telesis Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Alpine Linux Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Amazon Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Android Open Source Project Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Arch Linux Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Arista Networks Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Aruba Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Aspera Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Atheros Communications Inc Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Avaya Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Barracuda Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Belden Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Belkin Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Bell Canada Enterprises Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
BlackBerry Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Blackberry QNX Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Blue Coat Systems Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
BlueCat Networks Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Blunk Microsystems Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
BoringSSL Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Brocade Communication Systems Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Buffalo Technology Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
CA Technologies Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
CMX Systems Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
CZ.NIC Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Cambium Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Ceragon Networks Inc Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Cirpack Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Cisco Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Comcast Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Contiki OS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
CoreOS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Cradlepoint Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Cricket Wireless Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
D-Link Systems Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Debian GNU/Linux Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Dell Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Dell EMC Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Dell SecureWorks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
DesktopBSD Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Deutsche Telekom Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Devicescape Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Digi International Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
DragonFly BSD Project Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
ENEA Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
EfficientIP Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Ericsson Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Espressif Systems Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
European Registry for Internet Domains Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Express Logic Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Extreme Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
F-Secure Corporation Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
F5 Networks Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Fastly Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Fedora Project Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Force10 Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Fortinet Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Foundry Brocade Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
FreeBSD Project Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
GFI Software Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
GNU adns Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
GNU glibc Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Geexbox Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Gentoo Linux Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Google Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Grandstream Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Green Hills Software Unknown
| Notified: 2020-07-10 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
HCC Unknown
| Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
HP Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
HTC Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
HardenedBSD Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Hewlett Packard Enterprise Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Hitachi Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Honeywell Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Huawei Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
IBM Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
IBM Corporation (zseries) Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
INTEROP Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Illumos Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
InfoExpress Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Infoblox Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Inmarsat Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Internet Systems Consortium Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Internet Systems Consortium - DHCP Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
JH Software Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Joyent Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Juniper Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
LG Electronics Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
LITE-ON Technology Corporation Unknown
| Notified: 2020-05-06 Updated: 2020-05-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Lancope Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Lantronix Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Lenovo Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
LibreSSL Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Linksys Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
LiteSpeed Technologies Unknown
| Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Lynx Software Technologies Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Marvell Semiconductor Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
McAfee Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
MediaTek Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Medtronic Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Men & Mice Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Metaswitch Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Micro Focus Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Microchip Technology Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Microsoft Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
MikroTik Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Miredo Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Mitel Networks Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Motorola Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Muonics Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
NEC Corporation Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
NETSCOUT Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
NIKSUN Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
NLnet Labs Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
NetBSD Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
NetBurner Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Netgear Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Nexenta Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Nixu Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Nokia Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Nominum Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
OleumTech Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
OpenBSD Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
OpenConnect Ltd Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
OpenSSL Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
OpenWRT Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Openwall GNU/*/Linux Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Oracle Corporation Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Oryx Embedded Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
PHPIDS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Paessler Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Palo Alto Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Peplink Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Philips Electronics Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
PowerDNS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Proxim Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Pulse Secure Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
QLogic Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Quadros Systems Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Quagga Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Quantenna Communications Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Red Hat Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Riverbed Technologies Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Rocket RTOS (Inactive) Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Roku Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Ruckus Wireless Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
SMC Networks Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
SUSE Linux Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
SafeNet Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Samsung Mobile Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Secure64 Software Corporation Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Sierra Wireless Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Silvair Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Slackware Linux Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
SmoothWall Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Snort Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
SonicWall Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Sonos Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Sony Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Sophos Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Sourcefire Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Symantec Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Synology Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
TCPWave Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
TDS Telecom Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
TP-LINK Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Technicolor Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Tenable Network Security Unknown
| Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
TippingPoint Technologies Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Tizen Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Toshiba Commerce Solutions Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Treck Unknown
| Notified: 2020-05-06 Updated: 2020-05-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
TrueOS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Turbolinux Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Ubiquiti Networks Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Ubuntu Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Unisys Corporation Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Untangle Unknown
| Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
VMware Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Vertical Networks Inc. Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Wind River Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
WizNET Technology Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Xiaomi Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
XigmaNAS Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Xilinx Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Zebra Technologies Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
Zephyr Project Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
dnsmasq Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
eCosCentric Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
eero Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
lwIP Unknown
| Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
m0n0wall Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
netsnmp Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
netsnmpj Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
pfSense Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
wolfSSL Unknown
| Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
|---|
Vendor Statement
We have not received a statement from the vendor.
View all 221 vendors __View less vendors __
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 4.8 | AV:A/AC:L/Au:N/C:P/I:P/A:N |
| Temporal | 4.8 | E:ND/RL:ND/RC:ND |
| Environmental | 4.8 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
References
- <https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/>
- <https://francozappa.github.io/about-bias/>
- <https://github.com/francozappa/bias>
- <https://publications.cispa.saarland/3064/>
- <https://www.youtube.com/watch?v=fASGU7Og5_4>
- <https://knobattack.com/>
- <https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/>
Other Information
| CVE IDs: | CVE-2020-10135 |
|---|---|
| Date Public: | 2020-04-14 Date First Published: |
References
francozappa.github.io/about-bias/
github.com/francozappa/bias
knobattack.com/
publications.cispa.saarland/3064/
www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/
www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/
www.youtube.com/watch?v=fASGU7Og5_4
Related
5.4 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
45.6%