Bluetooth Core 5.2 LE (Low Energy)

CPE Details

Bluetooth Core 5.2 LE (Low Energy)
bluetooth
bluetooth_core
5.2
2020-05-22
13h08 +00:00
2020-05-22
13h08 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:bluetooth:bluetooth_core:5.2:*:*:*:le:*:*:*

Informations

Vendor

bluetooth

Product

bluetooth_core

Version

5.2

Software Edition

le

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-10134 2020-05-19 15h50 +00:00 Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedures with the MITM using the confirmation number of one peer as the passkey of the other. An adjacent, unauthenticated attacker could be able to initiate any Bluetooth operation on either attacked device exposed by the enabled Bluetooth profiles. This exposure may be limited when the user must authorize certain access explicitly, but so long as a user assumes that it is the intended remote device requesting permissions, device-local protections may be weakened.
6.3
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.