Lucene search
+L

270 matches found

osv
osv
added 2022/12/12 4:15 a.m.4 views

CVE-2022-25836

Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References1
osv
osv
added 2022/12/12 4:15 a.m.4 views

CVE-2022-25837

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

7.5CVSS5.8AI score
Exploits0References1
nvd
nvd
added 2022/12/12 4:15 a.m.25 views

CVE-2022-25837

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

7.5CVSS0.00353EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2022/12/12 4:15 a.m.59 views

CVE-2022-25837

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

7.5CVSS7.1AI score0.00353EPSS
Exploits0References3
prion
prion
added 2022/12/12 4:15 a.m.17 views

Design/Logic Flaw

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

3.2CVSS7.7AI score0.00353EPSS
Exploits0References1Affected Software1
osv
osv
added 2022/12/12 4:15 a.m.22 views

UBUNTU-CVE-2022-25836

Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References4
prion
prion
added 2022/12/12 4:15 a.m.14 views

Xxe

Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing...

3.2CVSS7.7AI score0.00353EPSS
Exploits0References1Affected Software1
osv
osv
added 2022/12/12 4:15 a.m.11 views

UBUNTU-CVE-2022-25837

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

7.5CVSS5.9AI score0.00353EPSS
Exploits0References4
cve
cve
added 2022/12/12 12:0 a.m.99 views

CVE-2022-25836

CVE-2022-25836 affects Bluetooth Low Energy Pairing in Bluetooth Core Specification v4.0–v5.3. An unauthenticated MITM can exploit two pairing devices with adjacent access by negotiating Legacy Passkey Pairing (Initiator) and Secure Connections Passkey Pairing (Responder), then brute-forcing the ...

7.5CVSS7.7AI score0.00353EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2022/12/12 12:0 a.m.6 views

CVE-2022-25837

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

7.7AI score0.00353EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2022/12/12 12:0 a.m.7 views

CVE-2022-25836

Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing...

7.5AI score0.00353EPSS
Exploits0References1
cvelist
cvelist
added 2022/12/12 12:0 a.m.24 views

CVE-2022-25836

Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing...

7.9AI score0.00353EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2022/12/11 12:0 a.m.8 views

PT-2022-5922

Name of the Vulnerable Software and Affected Versions Bluetooth Core Specification versions 4.0 through 5.3 Linux kernel affected versions not specified Description The issue is related to errors in the authentication procedure of the Bluetooth Low Energy driver in the Linux kernel. It may allow ...

7.5CVSS7.1AI score0.00353EPSS
Exploits0References14
nessus
nessus
added 2022/10/22 12:0 a.m.16 views

SUSE SLES15 Security Update : bluez (SUSE-SU-2022:3687-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3687-1 advisory. - CVE-2021-0129: Fixed improper access control bsc1186463. - CVE-2020-26558: Fixed vulnerability that may permit a nearby...

9.1CVSS7.3AI score0.01544EPSS
Exploits2References18
malwarebytes
malwarebytes
added 2022/10/13 8:45 p.m.19 views

Android and Chrome start showing passwords the door

Google has announced that it's bringing passkey support to both Android and Chrome. On May 5, 2022, it said it would implement passwordless support in Android and Chrome and the latest annoncement about passkeys is an important step in that journey. Passkeys Passkeys are a replacement for...

6.6AI score
Exploits0
thn
thn
added 2022/10/12 2:23 p.m.30 views

Google Rolling Out Passkey Passwordless Login Support to Android and Chrome

Google on Wednesday officially rolled out support for passkeys, the next-generation authentication standard, to both Android and Chrome. "Passkeys are a significantly safer replacement for passwords and other phishable authentication factors," the tech giant said. "They cannot be reused, don't le...

0.6AI score
Exploits0
malwarebytes
malwarebytes
added 2022/09/15 10:30 a.m.22 views

Here are the new security and privacy features of iOS 16

On Monday, September 12, Apple released iOS 16, which included a host of new security and privacy features. Let's look at what these are--and some quality-of-life QoL changes. Lockdown Mode As Macrumors calls it, Lockdown Mode is an "extreme" security setting ideal for those who regularly find...

6.4AI score
Exploits0
malwarebytes
malwarebytes
added 2022/09/13 10:30 a.m.21 views

Apple puts the password on life support with passkey

The "passwordless future" is something many internet users--and a great majority of the cybersecurity industry--have hoped for. Now Apple is about to make those hopes a reality. With the release of iOS 16 yesterday, and macOS Ventura next month, Apple fans will be able to use passkeys, its passwo...

Exploits0
mscve
mscve
added 2022/04/23 7:0 a.m.3 views

Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.

...

4.3CVSS6.9AI score0.00872EPSS
Exploits0
nessus
nessus
added 2021/11/11 12:0 a.m.79 views

RHEL 8 : bluez (RHSA-2021:4432)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4432 advisory. The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start script...

4.3CVSS7.1AI score0.00872EPSS
Exploits0References6
Rows per page
Query Builder