Lucene search
K
BluetoothMesh Profile

4 matches found

CVE
CVE
added 2021/05/24 5:28 p.m.133 views

CVE-2020-26557

CVE-2020-26557 : Bluetooth Mesh Provisioning in Bluetooth Mesh profile 1.0/1.0.1 allows a nearby device, without the AuthValue, to brute-force or deduce the AuthValue used in provisioning if the AuthValue is not sufficiently random or is reused. This can enable an attacker to complete provisionin...

7.5CVSS7.8AI score0.00828EPSS
CVE
CVE
added 2021/05/24 5:13 p.m.131 views

CVE-2020-26559

CVE-2020-26559 (Bluetooth Mesh Provisioning) affects Bluetooth Mesh provisioning (Mesh profile 1.0/1.0.1). A nearby attacker participating in the provisioning protocol can identify the AuthValue and the provisioning device’s confirmation number and nonce, potentially enabling provisioning complet...

8.8CVSS8.4AI score0.00852EPSS
CVE
CVE
added 2021/05/24 5:6 p.m.126 views

CVE-2020-26560

CVE-2020-26560 relates to Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0/1.0.1. A nearby attacker can exploit the provisioning exchange to authenticate without possessing the AuthValue and potentially obtain the NetKey and AppKey. The connected CIRCL sighting lists this CVE among B...

8.1CVSS8.3AI score0.00855EPSS
CVE
CVE
added 2021/05/24 5:34 p.m.120 views

CVE-2020-26556

CVE-2020-26556 refers to the Bluetooth Mesh provisioning weakness in Mesh Profile 1.0/1.0.1 where a nearby attacker could brute‑force an insufficiently random AuthValue and, during provisioning, leverage a Malleable Commitment to complete authentication. The description states this can occur befo...

7.5CVSS7.7AI score0.00907EPSS