CVE-2020-11957

low-risk
Published 2020-06-09

The Bluetooth Low Energy implementation in Cypress PSoC Creator BLE 4.2 component versions before 3.64 generates a random number (Pairing Random) with significantly less entropy than the specified 128 bits during BLE pairing. This is the case for both authenticated and unauthenticated pairing with both LE Secure Connections as well as LE Legacy Pairing. A predictable or brute-forceable random number allows an attacker (in radio range) to perform a MITM attack during BLE pairing.

Do I need to act?

-
0.22% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
ADJACENT_NETWORK / HIGH complexity

Affected Products (1)

Psoc 4.2 Ble

Affected Vendors

Cypress

References (2)

Product https://www.cypress.com/file/504466/download
Product https://www.cypress.com/file/504466/download
26
/ 100
low-risk
Severity 20/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal