CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2020-26557
https://notcve.org/view.php?id=CVE-2020-26557
24 May 2021 — Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time). Un Mesh Provisioning en el perfil de Bluetooth Mesh versiones 1.0 y 1.0.1, puede permitir a un dispositivo cercano (sin la posesión del AuthValue usado en el protocolo de aprovisionamiento) determinar el AuthValue por medio de un ... • https://kb.cert.org/vuls/id/799380 • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0CVE-2020-26558 – bluez: Passkey Entry protocol of the Bluetooth Core is vulnerable to an impersonation attack
https://notcve.org/view.php?id=CVE-2020-26558
24 May 2021 — Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value o... • https://kb.cert.org/vuls/id/799380 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2020-26559
https://notcve.org/view.php?id=CVE-2020-26559
24 May 2021 — Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue. El Bluetooth Mesh Provisioning en el perfil de Bluetooth Mesh versiones 1.0 y 1.0.1, puede permitir a un dispositiv... • https://kb.cert.org/vuls/id/799380 • CWE-863: Incorrect Authorization •
CVSS: 8.1EPSS: 1%CPEs: 2EXPL: 0CVE-2020-26560
https://notcve.org/view.php?id=CVE-2020-26560
24 May 2021 — Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey. El Bluetooth Mesh Provisioning en el perfil de Bluetooth Mesh versiones 1.0 y 1.0.1, puede permitir a un dispositivo cercano, que refleja la evidencia de autenticación de un proveedor, completar la autenticación sin poseer el AuthValue y, potencia... • https://kb.cert.org/vuls/id/799380 • CWE-863: Incorrect Authorization •
CVSS: 5.9EPSS: 47%CPEs: 1EXPL: 1CVE-2020-15802
https://notcve.org/view.php?id=CVE-2020-15802
11 Sep 2020 — Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less. Los dispositivos compatibles con Blue... • https://github.com/francozappa/blur • CWE-287: Improper Authentication •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-10134 – Bluetooth devices supporting LE and specific BR/EDR implementations are vulnerable to method confusion attacks
https://notcve.org/view.php?id=CVE-2020-10134
19 May 2020 — Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedures with the MITM using the confirmation number of one peer as the passkey of the other. An adjacent, unauthenticated attacker could be able to initiate any Bluetooth operation on either attacked device exposed by the... • https://kb.cert.org/vuls/id/534195 • CWE-351: Insufficient Type Distinction CWE-436: Interpretation Conflict •
CVSS: 5.4EPSS: 14%CPEs: 3EXPL: 3CVE-2020-10135 – Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks
https://notcve.org/view.php?id=CVE-2020-10135
19 May 2020 — Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key. El emparejamiento heredado y la identificación de emparejamient... • https://packetstorm.news/files/id/157922 • CWE-290: Authentication Bypass by Spoofing CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-1265
https://notcve.org/view.php?id=CVE-2011-1265
13 Jul 2011 — The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth packets, aka "Bluetooth Stack Vulnerability." La pila de Bluetooth v2.1 en Microsoft Windows Vista SP1 y SP2 y Windows 7 Gold y SP1 no impide el acceso a los objetos en la memoria que (1) no se ha inicializado correctamente o (2) se h... • http://www.us-cert.gov/cas/techalerts/TA11-193A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6907
https://notcve.org/view.php?id=CVE-2006-6907
31 Dec 2006 — Unspecified vulnerability in the Bluesoil Bluetooth stack has unknown impact and attack vectors. Vulnerabilidad no especificada en la pila Bluetooth de Bluesoil tiene impacto y vectores de ataque desconocidos. • http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf •