10 matches found
CVE-2020-26558
CVE-2020-26558: Bluetooth Core 2.1–5.2 Passkey entry/mitm reflection vulnerability. Nearby attacker could identify the Passkey during pairing by reflecting public key and authentication evidence, enabling completion of authenticated pairing with the correct Passkey. Astra Linux bulletin repeats t...
CVE-2023-24023
CVE-2023-24023 describes a Bluetooth BR/EDR MITM vulnerability (BLUFFS) where Secure Simple Pairing and Secure Connections in Bluetooth Core 4.2–5.4 can be forced to use short keys, potentially enabling encryption-key discovery and live injection. Connected IBM/AS/Android material confirms the sa...
CVE-2020-26555
Technical details beyond the initial description are not publicly provided in the connected documents. CVE-2020-26555 relates to Bluetooth BR/EDR PIN pairing impersonation as described; monitor for vendor/advisory updates for fixes and impact.
CVE-2020-15802
CVE-2020-15802 concerns Bluetooth Cross-Transport Key Derivation (BLURtooth) affecting devices that support Bluetooth before 5.1. The root cause is Cross Transport Key Derivation in Bluetooth Core Specification v4.2/v5.0, which may permit an unauthenticated user to establish bonding on one transp...
CVE-2020-26556
CVE-2020-26556 refers to the Bluetooth Mesh provisioning weakness in Mesh Profile 1.0/1.0.1 where a nearby attacker could brute‑force an insufficiently random AuthValue and, during provisioning, leverage a Malleable Commitment to complete authentication. The description states this can occur befo...
CVE-2022-25836
CVE-2022-25836 affects Bluetooth Low Energy Pairing in Bluetooth Core Specification v4.0–v5.3. An unauthenticated MITM can exploit two pairing devices with adjacent access by negotiating Legacy Passkey Pairing (Initiator) and Secure Connections Passkey Pairing (Responder), then brute-forcing the ...
CVE-2022-25837
The CVE-2022-25837 entry describes a Bluetooth pairing vulnerability in the Bluetooth Core Specification (v1.0B–v5.3) that can enable an unauthenticated MITM to obtain credentials when two devices pair, with one using BR/EDR Secure Connections and the other BR/EDR Legacy PIN. The attack relies on...
CVE-2021-31615
CVE-2021-31615 describes a vulnerability in BLE baseband handling where unencrypted Bluetooth Low Energy links (Bluetooth Core Specifications 4.0–5.2) may allow an adjacent device to inject a crafted packet during the listen window, enabling full MITM status before the transmitter begins its pack...
CVE-2022-24695
CVE-2022-24695 concerns Bluetooth Classic in the Bluetooth Core Specification up to version 5.3, where device information for transceivers in Non-Discoverable mode is not properly concealed. An over-the-air attack could efficiently extract the permanent Bluetooth MAC identifier and device capabil...
CVE-2020-35473
CVE-2020-35473 describes an information‑leakage vulnerability in Bluetooth Low Energy advertising scan responses (including extended scan responses) that can identify devices using Resolvable Private Addressing (RPA). Affected are Bluetooth Core Specifications 4.0–5.2 and extended scan responses ...