5.4
MEDIUM

CVE-2014-4428

Published: 18/10/2014 Updated: 29/08/2017
CVSS v2 Base Score: 5.4 | Impact Score: 6.4 | Exploitability Score: 5.5

Vulnerability Summary

Bluetooth in Apple OS X prior to 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing.

Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P
Access Complexity: MEDIUM
Authentication: NONE
Access Vector: ADJACENT_NETWORK
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Affected Products

Vendor Product Versions
AppleMac Os X10.9.5

References