1340 matches found
GAIN Electronic Co. Ltd SAGA1-L Series Access Control Vulnerability
GAIN SAGA1-L Series is a SAGA1-L series industrial remote control product from GAIN Electronic. A security vulnerability exists in GAIN SAGA1-L Series products using firmware versions prior to A0.10. An attacker could exploit this vulnerability to forcibly pair a device without human interaction...
October 24, 2018—KB4462933 (OS Build 17134.376)
None None...
Bluetooth Pairing Key Validation - Lenovo Support US
No description provided...
Bluetooth Pairing Key Validation - US
Lenovo Security Advisory: LEN-22233 Potential Impact: Information disclosure, elevation of privilege, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-5383 Summary Description: The Bluetooth Special Interest Group SIG has reported a vulnerability in the...
Flow is seamless and secure – security features explained
Security Flow is seamless and secure – security features explained Share August 28th, 2018 Some of you may already be familiar with Flow, the new feature that allows you to quickly and seamlessly share images, links and videos between your Opera browser for computers and your Opera Touch mobile...
CVE-2018-5383
A vulnerability in Bluetooth pairing potentially allows an attacker with physical proximity within 30 meters to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth devices. This may result in information disclosure,...
CVE-2018-14738
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbcrmessagemessage in rmessage.c...
Bluetooth Bug Allows Man-in-the-Middle Attacks on Phones, Laptops
A slew of vendors that have built Bluetooth pairing into their devices without requiring public key validation are issuing fixes for their products. Researchers at the Israel Institute of Technology have identified a cryptography-related security vulnerability CVE-2018-5383 in the Bluetooth...
Bluetooth vuln CVE-2018-5383 explained
Yesterday a vulnerability, CVE-2018-5383 was released in the security specification for Bluetooth, with the title "Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange". It was given an adjusted CVSSv2 score of 5.7 - so roughly a...
New Bluetooth Hack Affects Millions of Devices from Major Vendors
Yet another bluetooth hacking technique has been uncovered. A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the...
CVE-2018-10910
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable...
UBUNTU-CVE-2018-10910
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable...
CVE-2018-10910
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Mitigation Disable Bluetooth...
Bluetooth® pairing vulnerability
Summary: Bluetooth Pairing update. Description: A vulnerability in Bluetooth® pairing potentially allows an attacker with physical proximity within 30 meters to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth®...
Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
Overview Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. Description CWE-325: Missi...
PT-2018-10177 · Bluez +4 · Bluez +4
Name of the Vulnerable Software and Affected Versions: Bluez versions prior to 5.51 Description: A bug in the system may allow the Bluetooth Discoverable state to be set to on when no Bluetooth agent is registered, potentially leading to unauthorized pairing of certain Bluetooth devices without...
CVE-2016-6549
The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...
Code injection
The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...
CVE-2016-6549
The CVE-2016-6549 entry concerns the Zizai Tech Nut device, where unauthenticated Bluetooth pairing enables unauthenticated connected applications to write data to the device name attribute. Affected component is the Nut device’s Bluetooth pairing/authentication logic, with impact limited to mani...
CVE-2016-6549 Zizai Tech Nut allows for unauthenticated Bluetooth pairing
The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...