5.4 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
45.6%
Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations are used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. It is possible for an unauthenticated, adjacent attacker to impersonate a previously paired/bonded device and successfully authenticate without knowing the link key. This could allow an attacker to gain full access to the paired device by performing a Bluetooth Impersonation Attack (BIAS).
Bluetooth is a short-range wireless technology based off of a core specification that defines six different core configurations, including the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations. Bluetooth BR/EDR is used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. It is possible for an unauthenticated, adjacent attacker to spoof the address of a previously paired remote device to successfully complete the authentication procedure with some paired/bonded devices without knowing the link key.
The Bluetooth Impersonation Attack (BIAS) can be performed in two different ways, depending on which Secure Simple Pairing method (either Legacy Secure Connections or Secure Connections) was previously used to establish a connection between two devices. If the pairing procedure was completed using the Secure Connections method, the attacker could claim to be the previously paired remote device that no longer supports secure connections, thereby downgrading the authentication security. This would allow the attacker to proceed with the BIAS method against the legacy authentication unless the device they are attacking is in Secure Connections only mode. If the attacker can either downgrade authentication or is attacking a device that does not support Secure Connections, they can perform the attack using a similar method by initiating a master-slave role switch to place itself into the master role and become the authentication initiator. If successful, they complete the authentication with the remote device. If the remote device does not then mutually authenticate with the attacker in the master role, it will result in the authentication-complete notification on both devices, even though the attacker does not possess the link key.
The BIAS method is able to be performed for the following reasons: Bluetooth secure connection establishment is not encrypted and the selection of secure connections pairing method is not enforced for an already established pairing, Legacy Secure Connections secure connection establishment does not require mutual authentication, a Bluetooth device can perform a role switch any time after baseband paging, and devices who paired using Secure Connections can use Legacy Secure Connections during secure connection establishment.
An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key. The BIAS attack could be combined with the Key Negotiation of Bluetooth (KNOB) attack to “impersonate a Bluetooth device, complete authentication without possessing the link key, negotiate a session key with low entropy, establish a secure connection, and brute force the session key”. An attacker could initiate a KNOB attack on encryption key strength without intervening in an ongoing pairing procedure through an injection attack. If the accompanying KNOB attack is successful, an attacker may gain full access as the remote paired device. If the KNOB attack is unsuccessful, the attacker will not be able to establish an encrypted link but may still appear authenticated to the host.
Bluetooth host and controller suppliers should refer to the Bluetooth SIG’s statement for guidance on updating their products. Downstream vendors should refer to their suppliers for updates.
Thanks to Daniele Antonioli of Singapore University of Technology and Design, Nils Ole Tippenhauer of CISPA Helmholtz Center for Information Security, and Kasper Rasmussen of the University of Oxford for reporting this vulnerability.
This document was written by Madison Oliver.
647177
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-06-09 Updated: 2020-05-18 CVE-2020-10135 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-14
Statement Date: April 10, 2020
CVE-2020-10135 | Not Affected |
---|
Not vulnerable.
Notified: 2020-04-06 Updated: 2020-05-26
Statement Date: May 17, 2020
CVE-2020-10135 | Not Affected |
---|
LANCOM Systems products are not vulnerable to these vulnerabilities.
Notified: 2020-04-06 Updated: 2020-04-20
Statement Date: April 13, 2020
CVE-2020-10135 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-05-14 CVE-2020-10135 | Unknown |
---|
Intel’s Bluetooth Controllers (part of Wi-Fi/Bluetooth products) are not affected.
While the researchers have listed Intel controllers as affected by this vulnerability in their original report, Intel has disagreed and claims to be unaffected. The researchers have observed a lack of mutual authentication when using legacy secure connection, but that mutual authentication could, in theory, be implemented either in the controller or the host. The Bluetooth SIG has concluded that this was always the responsibility of the host and the current spec errata that have been adopted is just clarifying this fact. The host operating systems are responsible for implementing the mitigation.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-07-10 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-05-06 Updated: 2020-05-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-05-06 Updated: 2020-05-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-08-20 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-06 Updated: 2020-04-06 CVE-2020-10135 | Unknown |
---|
We have not received a statement from the vendor.
View all 221 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | 4.8 | AV:A/AC:L/Au:N/C:P/I:P/A:N |
Temporal | 4.8 | E:ND/RL:ND/RC:ND |
Environmental | 4.8 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
CVE IDs: | CVE-2020-10135 |
---|---|
Date Public: | 2020-04-14 Date First Published: |
francozappa.github.io/about-bias/
github.com/francozappa/bias
knobattack.com/
publications.cispa.saarland/3064/
www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/
www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/
www.youtube.com/watch?v=fASGU7Og5_4
5.4 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
45.6%