8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
**Lenovo Security Advisory:**LEN-51734
**Potential Impact:**Information disclosure, privilege escalation
**Severity:**Medium
**Scope of Impact:**Industry-wide
**CVE Identifier:**CVE-2020-26555, CVE- 2020-26556, CVE-2020-26557, CVE-2020-26558, CVE-2020-26559, CVE-2020-26560
Summary Description:
As reported in CERT Coordination Center (CERT/CC) Vulnerability Note VU#799380, devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during pairing.
Mitigation Strategy for Customers (what you should do to protect yourself):
The Bluetooth SIG recommends users have installed the latest recommended updates from device and operating system manufacturers.
For device updates, update to the version (or later) indicated in the Product Impact section below.
For operating system updates, Lenovo recommends that you contact the vendor of your operating system.
Additional mitigation guidance for each vulnerability has been provided by the Bluetooth SIG, which can be found in VU#799380 and in the Bluetooth SIG Security Notices.
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P