39 matches found
CVE-2026-31773
A flaw was found in the Linux kernel's Bluetooth Security Manager Protocol SMP. The system incorrectly labels a Short Term Key STK as authenticated during legacy pairing, even when Man-in-the-Middle MITM protection was not established. This misrepresentation of the key's authentication status cou...
CVE-2026-31773
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...
PT-2026-36408
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth Security Manager Protocol SMP where the legacy responder path in the smp random function incorrectly labels the stored Short Term Key STK as authenticate...
EUVD-2019-14641
Malware in sbrugna...
EUVD-2025-18749
Malicious code in bioql PyPI...
EUVD-2022-49209
Malicious code in bioql PyPI...
CVE-2025-32876
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...
CVE-2025-32876
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...
CVE-2025-32876
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...
CVE-2025-32876
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...
COROS PACE 3 安全漏洞
COROS PACE 3 is a GPS sports watch from COROS China. A security vulnerability exists in COROS PACE 3 3.0808.0 and prior versions, which stems from a BLE implementation that only supports older pairings and could lead to communication eavesdropping...
CVE-2025-32876
The CVE-2025-32876 issue affects COROS PACE 3 devices (through 3.0808.0). The BLE stack does not support LE Secure Connections and uses BLE Legacy Pairing, where the Short-Term Key can be easily guessed. The Temporary Key is 0 due to Just Works, enabling an attacker within Bluetooth range to snif...
CVE-2022-46400
The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 allows attackers to bypass passkey entry in legacy pairing...
CVE-2022-25837
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...
CVE-2019-5034
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this...
ASB-A-251514170
In smpprocrand of smpact.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE CVE-2020-10135
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth...
CVE-2022-45190
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device...
Design/Logic Flaw
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device...
Microchip RN4870 访问控制错误漏洞
The Microchip RN4870 is a Bluetooth low energy module chip from Microchip, Inc. A security vulnerability exists in the Microchip RN4870 version 1.43, which stems from an attacker within the range of the BLE radio that can bypass the key entry in the device's legacy pairing...