CVE-2020-10135
Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks
Summary
- Public Exploits: 2
- Exploited in Wild: -
- SSVC Decision: -
Descriptions
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2020-03-05 CVE Reserved
- 2020-05-19 CVE Published
- 2020-06-01 First Exploit
- 2024-03-21 EPSS Updated
- 2024-09-17 CVE Updated
- Exploited in Wild: -
- KEV Due Date: -
CWE
- CWE-290: Authentication Bypass by Spoofing
- CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CAPEC
References (8)
Advisories

URL | Tag | Source
---|---|---
http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html | Third Party Advisory |
https://francozappa.github.io/about-bias | Third Party Advisory |
https://kb.cert.org/vuls/id/647177 | Third Party Advisory |

Exploits

URL | Date | SRC
---|---|---
https://github.com/m4rm0k/CVE-2020-10135-BIAS | 2020-06-01 |
http://seclists.org/fulldisclosure/2020/Jun/5 | 2024-09-17 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Bluetooth | Bluetooth Core | <= 5.2 | br | Affected
Bluetooth | Bluetooth Core | <= 5.2 | edr | Affected
Opensuse | Leap | 15.1 | - | Affected