Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2022/08/01 12:0 a.m.24 views

ASB-A-231161832

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS6.2AI score0.01481EPSS
Exploits0References3
Malwarebytes
Malwarebytesadded 2020/09/21 4:16 p.m.29 views

A week in security (September 14 – 20)

Last week on Malwarebytes Labs, we looked at Fintech industry developments, specifically the differences between Europe and the US, and we analyzed how some charities and the advertising industry are tied together. We also told readers about what companies can do to counter domain name abuse. In...

0.1AI score
Exploits0
NVD
NVDadded 2020/09/11 2:15 p.m.26 views

CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

5.9CVSS0.55804EPSS
Exploits1References3
Prion
Prionadded 2020/09/11 2:15 p.m.25 views

Cross site scripting

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

4.3CVSS5.6AI score0.55804EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2020/09/11 1:7 p.m.29 views

CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

5.6AI score0.55804EPSS
Exploits1References3
CVE
CVEadded 2020/09/11 1:7 p.m.219 views

CVE-2020-15802

CVE-2020-15802 concerns Bluetooth Cross-Transport Key Derivation (BLURtooth) affecting devices that support Bluetooth before 5.1. The root cause is Cross Transport Key Derivation in Bluetooth Core Specification v4.2/v5.0, which may permit an unauthenticated user to establish bonding on one transp...

5.9CVSS5.8AI score0.55804EPSS
Exploits1References3Affected Software1
The Hacker News
The Hacker Newsadded 2020/09/10 9:37 p.m.2 views

New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices

Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of...

5.9CVSS7.1AI score0.55804EPSS
Exploits1
HackRead
HackReadadded 2020/09/10 5:41 p.m.19 views

BLURtooth vulnerability exposes devices to MITM attack

By Sudais Asif The attacks carried out by exploiting BLURtooth vulnerability are being referred to as the BLUR attacks. This is a post from HackRead.com Read the original post: BLURtooth vulnerability exposes devices to MITM attack...

2.9AI score
Exploits0
Rows per page
Query Builder