CVE-2020-26558
moderate-risk
Published 2021-05-24
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
Do I need to act?
EPSS: 0.02% chance of exploitation (low exploit probability)
CISA KEV: not listed; no confirmed active exploitation reported to CISA
Patch status: unknown. Check vendor advisories for fix availability and mitigation guidance.
CVSS: 4.2/10 (Medium); attack vector ADJACENT_NETWORK, attack complexity HIGH
Affected Products (19)
Bluetooth Core Specification
Ac 7265 Firmware
Ax1675 Firmware
Ax1650 Firmware
Ac 1550 Firmware
Affected Vendors
References (21)
Third Party Advisory: https://kb.cert.org/vuls/id/799380
Third Party Advisory: https://security.gentoo.org/glsa/202209-16
Third Party Advisory: https://www.debian.org/security/2021/dsa-4951
Third Party Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517....
Third Party Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520....
Risk score: 30 / 100 (moderate-risk)
Severity: 11/34 · Low
Exploitability: 0/34 · Minimal
Exposure: 19/34 · Moderate