// For flags

CVE-2020-26555

kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack

Severity Score

5.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.

Un emparejamiento de código PIN BR/EDR heredado de Bluetooth en Bluetooth Core Specification versiones 1.0B hasta 5.2, puede permitir a un dispositivo cercano no autenticado falsificar el BD_ADDR del dispositivo peer para completar el emparejamiento sin conocer el PIN

A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even without knowledge of the key.

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-10-04 CVE Reserved
  • 2021-05-24 CVE Published
  • 2024-02-07 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
  • CWE-863: Incorrect Authorization
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Intel
Search vendor "Intel"
Ax210 Firmware
Search vendor "Intel" for product "Ax210 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ax210
Search vendor "Intel" for product "Ax210"
--
Safe
Intel
Search vendor "Intel"
Ax201 Firmware
Search vendor "Intel" for product "Ax201 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ax201
Search vendor "Intel" for product "Ax201"
--
Safe
Intel
Search vendor "Intel"
Ax200 Firmware
Search vendor "Intel" for product "Ax200 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ax200
Search vendor "Intel" for product "Ax200"
--
Safe
Intel
Search vendor "Intel"
Ac 9560 Firmware
Search vendor "Intel" for product "Ac 9560 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 9560
Search vendor "Intel" for product "Ac 9560"
--
Safe
Intel
Search vendor "Intel"
Ac 9462 Firmware
Search vendor "Intel" for product "Ac 9462 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 9462
Search vendor "Intel" for product "Ac 9462"
--
Safe
Intel
Search vendor "Intel"
Ac 9461 Firmware
Search vendor "Intel" for product "Ac 9461 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 9461
Search vendor "Intel" for product "Ac 9461"
--
Safe
Intel
Search vendor "Intel"
Ac 9260 Firmware
Search vendor "Intel" for product "Ac 9260 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 9260
Search vendor "Intel" for product "Ac 9260"
--
Safe
Intel
Search vendor "Intel"
Ac 8265 Firmware
Search vendor "Intel" for product "Ac 8265 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 8265
Search vendor "Intel" for product "Ac 8265"
--
Safe
Intel
Search vendor "Intel"
Ac 8260 Firmware
Search vendor "Intel" for product "Ac 8260 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 8260
Search vendor "Intel" for product "Ac 8260"
--
Safe
Intel
Search vendor "Intel"
Ac 3168 Firmware
Search vendor "Intel" for product "Ac 3168 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 3168
Search vendor "Intel" for product "Ac 3168"
--
Safe
Intel
Search vendor "Intel"
Ac 7265 Firmware
Search vendor "Intel" for product "Ac 7265 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 7265
Search vendor "Intel" for product "Ac 7265"
--
Safe
Intel
Search vendor "Intel"
Ac 3165 Firmware
Search vendor "Intel" for product "Ac 3165 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 3165
Search vendor "Intel" for product "Ac 3165"
--
Safe
Intel
Search vendor "Intel"
Killer Wi-fi 6e Ax1675 Firmware
Search vendor "Intel" for product "Killer Wi-fi 6e Ax1675 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Killer Wi-fi 6e Ax1675
Search vendor "Intel" for product "Killer Wi-fi 6e Ax1675"
--
Safe
Intel
Search vendor "Intel"
Killer Wi-fi 6 Ax1650 Firmware
Search vendor "Intel" for product "Killer Wi-fi 6 Ax1650 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Killer Wi-fi 6 Ax1650
Search vendor "Intel" for product "Killer Wi-fi 6 Ax1650"
--
Safe
Intel
Search vendor "Intel"
Killer Ac 1550 Firmware
Search vendor "Intel" for product "Killer Ac 1550 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Killer Ac 1550
Search vendor "Intel" for product "Killer Ac 1550"
--
Safe
Bluetooth
Search vendor "Bluetooth"
Bluetooth Core Specification
Search vendor "Bluetooth" for product "Bluetooth Core Specification"
>= 1.1b <= 5.2
Search vendor "Bluetooth" for product "Bluetooth Core Specification" and version " >= 1.1b <= 5.2"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
34
Search vendor "Fedoraproject" for product "Fedora" and version "34"
-
Affected