CVE-2020-10134

Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedure...

Bluetooth devices supporting LE and specific BR/EDR implementations are vulnerable to method confusion attacks

Overview Bluetooth Low Energy BLE and Basic Rate / Enhanced Data Rate BR/EDR Core Configurations are used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using an agreed upon Association Model. It is possible for an...