19 matches found
EUVD-2020-19104
Malware in sbrugna...
EUVD-2020-19101
Malware in sbrugna...
EUVD-2020-19105
Malware in sbrugna...
EUVD-2022-52895
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-26560
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, t...
Linux Distros Unpatched Vulnerability : CVE-2020-26556
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently...
SUSE CVE-2020-26557
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device without possession of the AuthValue used in the provisioning protocol to determine the AuthValue via a brute-force attack unless the AuthValue is sufficiently random and changed each time...
CVE-2022-31363
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA010705.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: affected function is pbtransporthandlefrag. ¶¶ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write...
Buffer overflow
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA010705.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: affected function is pbtransporthandlefrag. ¶¶ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write...
PT-2023-13032 · Cypress · Cypress Bluetooth Mesh Sdk
Name of the Vulnerable Software and Affected Versions: Cypress Bluetooth Mesh SDK version BSA0107 05.01.00-BX8-AMESH-08 Description: The issue is related to a buffer overflow that can allow the execution of arbitrary code remotely. It is caused by an out-of-bound write vulnerability during mesh...
CVE-2022-31363
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA010705.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: affected function is pbtransporthandlefrag. ¶¶ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write...
CVE-2022-31363
CVE-2022-31363 affects Cypress Bluetooth Mesh SDK version BSA0107_05.01.00-BX8-AMESH-08. The vulnerability is a buffer overflow caused by an out-of-bounds write during mesh provisioning, due to no check for mismatched SegN and TotalLength in the Transaction Start PDU. The affected component is th...
CVE-2022-31363
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA010705.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: affected function is pbtransporthandlefrag. ¶¶ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write...
CVE-2020-26557
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device without possession of the AuthValue used in the provisioning protocol to determine the AuthValue via a brute-force attack unless the AuthValue is sufficiently random and changed each time...
UBUNTU-CVE-2020-26560
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey...
CVE-2020-26556
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment...
CVE-2020-26556
Removed by vendor...
CVE-2020-26557
Removed by vendor...
Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
Overview Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during pairing. Description The Bluetooth Core Specification and Mesh Profile Specification are t...