Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability

2019-08-2800:00:00

Huawei Technologies

www.huawei.com

100

8.1 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

4.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

42.2%

JSON

The KNOB (Key Negotiation of Bluetooth) vulnerability exists in the encryption key negotiation process between two Bluetooth BR/EDR devices. The negotiation process is not encrypted and no authentication is performed. An unauthenticated, adjacent attacker can initiate a man-in-the-middle attack to reduce the negotiated entropy length used for secure connections to a single octet. Successful exploit could cause the encryption key being vulnerable to brute force. (Vulnerability ID: HWPSIRT-2019-08118)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-9506.
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en

CPENameOperatorVersion
alp-al00blt9.1.0.333
ares-al00blt9.1.0.160
ares-al10dlt9.1.0.160
ares-tl00clt9.1.0.165
asoka-al00axlt9.1.1.181
atomu-l33lt8.0.0.147
atomu-l41lt8.0.0.153
atomu-l42lt8.0.0.155
bla-al00blt9.1.0.329
bla-l29clt9.1.0.300

Name	Operator	Version
alp-al00b	lt	9.1.0.333
ares-al00b	lt	9.1.0.160
ares-al10d	lt	9.1.0.160
ares-tl00c	lt	9.1.0.165
asoka-al00ax	lt	9.1.1.181
atomu-l33	lt	8.0.0.147
atomu-l41	lt	8.0.0.153
atomu-l42	lt	8.0.0.155
bla-al00b	lt	9.1.0.329
bla-l29c	lt	9.1.0.300