CVE-2020-26558
bluez: Passkey Entry protocol of the Bluetooth Core is vulnerable to an impersonation attack
Public Exploits: 0
Exploited in Wild: -
Descriptions
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification versions 2.1 through 5.2 may allow a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflecting the public key and the authentication evidence of the initiating device, potentially allowing this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
A vulnerability was found in bluez: the Passkey Entry protocol used in Secure Simple Pairing (SSP), Secure Connections (SC) and LE Secure Connections (LESC) of the Bluetooth Core Specification is vulnerable to an impersonation attack in which an active attacker can impersonate the initiating device without any previous knowledge.
Timeline
- 2020-10-04 CVE Reserved
- 2021-05-24 CVE Published
- 2024-07-25 EPSS Updated
- 2024-08-04 CVE Updated
CWE
- CWE-287: Improper Authentication
References (12)
URL | Tag | Source |
---|---|---|
https://kb.cert.org/vuls/id/799380 | Third Party Advisory | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html | Mailing List | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | Mailing List | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html | Mailing List | |
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html | Third Party Advisory | |
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html | Third Party Advisory | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Intel | Ax210 Firmware | - | - | Affected | in | Intel | Ax210 | - | - | Safe |
Intel | Ax201 Firmware | - | - | Affected | in | Intel | Ax201 | - | - | Safe |
Intel | Ax200 Firmware | - | - | Affected | in | Intel | Ax200 | - | - | Safe |
Intel | Ac 9560 Firmware | - | - | Affected | in | Intel | Ac 9560 | - | - | Safe |
Intel | Ac 9462 Firmware | - | - | Affected | in | Intel | Ac 9462 | - | - | Safe |
Intel | Ac 9461 Firmware | - | - | Affected | in | Intel | Ac 9461 | - | - | Safe |
Intel | Ac 9260 Firmware | - | - | Affected | in | Intel | Ac 9260 | - | - | Safe |
Intel | Ac 8265 Firmware | - | - | Affected | in | Intel | Ac 8265 | - | - | Safe |
Intel | Ac 8260 Firmware | - | - | Affected | in | Intel | Ac 8260 | - | - | Safe |
Intel | Ac 3168 Firmware | - | - | Affected | in | Intel | Ac 3168 | - | - | Safe |
Intel | Ac 7265 Firmware | - | - | Affected | in | Intel | Ac 7265 | - | - | Safe |
Intel | Ac 3165 Firmware | - | - | Affected | in | Intel | Ac 3165 | - | - | Safe |
Intel | Ax1675 Firmware | - | - | Affected | in | Intel | Ax1675 | - | - | Safe |
Intel | Ax1650 Firmware | - | - | Affected | in | Intel | Ax1650 | - | - | Safe |
Intel | Ac 1550 Firmware | - | - | Affected | in | Intel | Ac 1550 | - | - | Safe |
Bluetooth | Bluetooth Core Specification | >= 2.1 <= 5.2 | - | Affected | | | | | | |
Fedoraproject | Fedora | 34 | - | Affected | | | | | | |
Debian | Debian Linux | 9.0 | - | Affected | | | | | | |
Linux | Linux Kernel | < 5.13 | - | Affected | | | | | | |