Product:

Bluetooth_core_specification

(Bluetooth)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2021-05-24 CVE-2020-26555 Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. Bluetooth_core_specification, Fedora 5.4
2021-05-24 CVE-2020-26558 Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the... Bluetooth_core_specification, Fedora 4.2
2020-09-11 CVE-2020-15802 Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less. Bluetooth_core_specification 5.9