Lucene search

K
osvGoogleOSV:ASB-A-174626251
HistoryJun 01, 2021 - 12:00 a.m.

Bluetooth security notice (VU#799380.7 TLP:AMBER)

2021-06-0100:00:00
Google
osv.dev
24
bluetooth
security
pin-code
bypass
vulnerability
crypto
privilege escalation
user interaction
software

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

25.4%

In btm_sec_pin_code_request of btm_sec.cc, there is a possible bypass of Bluetooth pairing pin-code due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.