CVE-2019-9506
high-risk
Published 2019-08-14
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
Do I need to act?
EPSS score: 4.5% chance of exploitation in the next 30 days (moderate exploit probability)
CISA KEV: not listed; no confirmed active exploitation reported to CISA
Patch status: unknown; check vendor advisories for fix availability and mitigation guidance
CVSS 8.1/10 (High); attack vector ADJACENT_NETWORK, LOW complexity
Affected Products (20)
References (60)
Mailing List: http://seclists.org/fulldisclosure/2019/Aug/11
Mailing List: http://seclists.org/fulldisclosure/2019/Aug/13
Mailing List: http://seclists.org/fulldisclosure/2019/Aug/14
Mailing List: http://seclists.org/fulldisclosure/2019/Aug/15
Third Party Advisory: http://www.cs.ox.ac.uk/publications/publication12404-abstract.html
Third Party Advisory: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:2975
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3055
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3076
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3089
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3165
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3187
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3217
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3218
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3220
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3231
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3309
Third Party Advisory: https://access.redhat.com/errata/RHSA-2019:3517
and 40 more references
Risk score: 66 / 100 (high-risk)
Severity: 25/34 · High
Exploitability: 8/34 · Low
Exposure: 33/34 · Critical