FortiGuard LabsFG-IR-17-212

HistoryNov 03, 2017 - 12:00 a.m.

BlueBorne vulnerabilities and security flaws in Bluetooth stacks

2017-11-0300:00:00

FortiGuard Labs

www.fortiguard.com

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

83.8%

JSON

A collection of Bluetooth implementation vulnerabilities known as “BlueBorne” has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in the worst case allow an unauthenticated attacker to perform unauthorized commands on the device.

lenovo 2

cert 1

pentestit 1

seebug 2

threatpost 1

thn 2

myhack58 3

huawei 1

nvidia 1

prion 8

nessus 50

cve 9

veracode 3

debian 3

slackware 2

openvas 32

osv 5

oraclelinux 5

redhat 11

mageia 1

alpinelinux 1

fedora 2

ubuntucve 2

redhatcve 2

archlinux 5

debiancve 2

ibm 1

centos 3

ubuntu 3

symantec 1

mskb 1

mscve 1

exploitpack 4

suse 14

zdt 3

kitploit 1

f5 1

android 2

packetstorm 1

exploitdb 3

apple 2

krebs 1

lenovo

Bluetooth “BlueBorne” Vulnerabilities - NL

2018-07-19 12:31:00

Bluetooth “BlueBorne” Vulnerabilities - Lenovo Support US

2019-01-23 12:42:26

cert

Multiple Bluetooth implementation vulnerabilities affect many devices

2017-09-12 00:00:00

pentestit

How to: Protect Systems From BlueBorne Attacks?

2017-09-14 21:22:24

seebug

The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device (BlueBorne)

2017-09-13 00:00:00

BlueBorne RCE on Android 6.0.1 (CVE-2017-0781)

2017-11-16 00:00:00

threatpost

Wireless 'BlueBorne' Attacks Target Billions of Bluetooth Devices

2017-09-12 09:00:09

thn

BlueBorne: Critical Bluetooth Attack Puts Billions of Devices at Risk of Hacking

2017-09-12 05:52:00

Bluetooth Hack Affects 20 Million Amazon Echo and Google Home Devices

2017-11-15 21:43:00

myhack58

Bluetooth agreement revealed eight major security vulnerability bug, capable of affecting fifty-three billion Bluetooth the efficacy of the equipment-vulnerability warning-the black bar safety net

2017-09-13 00:00:00

BlueBorne Bluetooth flaws vulnerability bug depth research and PoC-vulnerability warning-the black bar safety net

2017-09-29 00:00:00

Bluetooth agreement flaws vulnerability:BlueBorne attack affected the number of 10 million Bluetooth equipped-vulnerability warning-the black bar safety net

2017-09-14 00:00:00

huawei

Security Advisory – Multiple “BlueBorne” vulnerabilities on Huawei Products

2017-10-18 00:00:00

nvidia

Security Bulletin: NVIDIA Shield TV contains multiple vulnerabilities; update on "BlueBorne"

2017-10-05 00:00:00

prion

Design/Logic Flaw

2017-09-12 15:29:00

Information disclosure

2017-09-12 17:29:00

Spoofing

2017-09-13 01:29:00

nessus

Apple TV <= 7.2.2 Bluetooth Remote Code Execution (BlueBorne)

2017-09-14 00:00:00

Fedora 27 : bluez (2017-77f991e537) (BlueBorne)

2018-01-15 00:00:00

Scientific Linux Security Update : bluez on SL6.x, SL7.x i386/x86_64 (20170912) (BlueBorne)

2017-09-13 00:00:00

cve

CVE-2017-14315

2017-09-12 15:29:00

CVE-2017-1000250

2017-09-12 17:29:00

CVE-2017-8628

2017-09-13 01:29:00

veracode

Information Disclosure

2019-01-15 09:18:45

Remote Code Execution (RCE)

2019-01-15 09:19:10

Remote Code Execution (RCE)

2019-01-15 09:21:39

debian

[SECURITY] [DSA 3972-1] bluez security update

2017-09-13 11:54:03

[SECURITY] [DSA 3972-1] bluez security update

2017-09-13 11:54:03

[SECURITY] [DLA 1103-1] bluez security update

2017-09-21 21:01:18

slackware

[slackware-security] bluez

2017-09-15 20:16:56

[slackware-security] kernel

2017-09-15 20:17:20

openvas

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-1378)

2020-01-23 00:00:00

Debian: Security Advisory (DLA-1103-1)

2018-02-06 00:00:00

Slackware: Security Advisory (SSA:2017-258-01)

2022-04-21 00:00:00

osv

bluez - security update

2017-09-21 00:00:00

CVE-2017-1000250

2017-09-12 17:29:00

bluez - security update

2017-09-13 00:00:00

oraclelinux

bluez security update

2017-09-13 00:00:00

kernel security and bug fix update

2017-09-13 00:00:00

kernel security update

2017-09-12 00:00:00

redhat

(RHSA-2017:2685) Moderate: bluez security update

2017-09-12 14:08:48

(RHSA-2017:2707) Important: kernel security and bug fix update

2017-09-13 13:15:37

(RHSA-2017:2705) Important: kernel-rt security update

2017-09-13 13:15:19

mageia

Updated bluez packages fix security vulnerability

2017-09-21 16:43:32

alpinelinux

CVE-2017-1000250

2017-09-12 17:29:00

fedora

[SECURITY] Fedora 27 Update: bluez-5.46-6.fc27

2017-09-30 07:32:32

[SECURITY] Fedora 26 Update: bluez-5.46-6.fc26

2017-09-13 22:26:43

ubuntucve

CVE-2017-1000250

2017-09-12 00:00:00

CVE-2017-1000251

2017-09-12 00:00:00

redhatcve

CVE-2017-1000250

2017-09-12 13:24:13

CVE-2017-1000251

2019-10-31 10:30:53

archlinux

[ASA-201709-3] bluez: information disclosure

2017-09-12 00:00:00

[ASA-201709-9] linux: arbitrary code execution

2017-09-15 00:00:00

[ASA-201709-4] linux-hardened: arbitrary code execution

2017-09-13 00:00:00

debiancve

CVE-2017-1000250

2017-09-12 17:29:00

CVE-2017-1000251

2017-09-12 17:29:00

ibm

Security Bulletin: A vulnerability in bluez affects PowerKVM

2018-06-18 01:38:35

centos

bluez security update

2017-09-12 23:15:38

kernel, perf, python security update

2017-09-12 23:15:02

kernel, perf, python security update

2017-09-13 21:20:33

ubuntu

BlueZ vulnerability

2017-09-12 00:00:00

Linux kernel vulnerability

2017-09-18 00:00:00

Linux kernel vulnerabilities

2017-09-18 00:00:00

symantec

Microsoft Windows Bluetooth Driver CVE-2017-8628 Man in the Middle Spoofing Vulnerability

2017-09-12 00:00:00

mskb

Security update for the Microsoft Bluetooth driver spoofing vulnerability in Windows Server 2008: September 12, 2017

2017-09-12 07:00:00

mscve

Microsoft Bluetooth Driver Spoofing Vulnerability

2017-09-12 07:00:00

exploitpack

Linux Kernel 4.13.1 - BlueTooth Buffer Overflow (PoC)

2017-09-21 00:00:00

Android Bluetooth - Blueborne Information Leak (2)

2017-09-20 00:00:00

Android Bluetooth - Blueborne Information Leak (1)

2017-08-09 00:00:00

suse

Security update for the Linux Kernel (important)

2017-09-21 21:16:32

Security update for the Linux Kernel (important)

2017-09-20 21:07:50

Security update for the Linux Kernel (important)

2017-09-19 00:07:25

zdt

Android Bluetooth - Blueborne Information Leak (2) Exploit

2018-04-29 00:00:00

Android Bluetooth - Blueborne Information Leak (1) Exploit

2018-04-29 00:00:00

LineageOS 14.1 Blueborne - Remote Code Execution Vulnerability

2018-04-07 00:00:00

kitploit

Bluescan - A Powerful Bluetooth Scanner For Scanning BR/LE Devices, LMP, SDP, GATT And Vulnerabilities!

2020-08-28 12:30:00

K63131370 : Linux kernel vulnerability CVE-2017-1000251

2017-10-27 00:00:00

android

CVE-2017-0782

2017-09-01 00:00:00

CVE-2017-0781

2017-09-01 00:00:00

packetstorm

LineageOS 14.1 Blueborne Remote Code Execution

2018-04-06 00:00:00

exploitdb

Android Bluetooth - 'Blueborne' Information Leak (2)

2017-09-20 00:00:00

Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC)

2017-09-21 00:00:00

Android Bluetooth - 'Blueborne' Information Leak (1)

2017-08-09 00:00:00

apple

About the security content of Apple TV Software 7.3

2019-05-13 00:00:00

About the security content of Apple TV Software 7.3 - Apple Support

2019-05-13 05:23:03

krebs

Adobe, Microsoft Plug Critical Security Holes

2017-09-13 16:42:30

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

83.8%

JSON

Related for FG-IR-17-212