Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 up to and including 5.2 may permit a nearby man-in-the-middle malicious user to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this malicious user to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bluetooth bluetooth core specification |
||
fedoraproject fedora 34 |
||
debian debian linux 9.0 |
||
linux linux kernel |
||
intel ax210_firmware - |
||
intel ax201_firmware - |
||
intel ax200_firmware - |
||
intel ac_9560_firmware - |
||
intel ac_9462_firmware - |
||
intel ac_9461_firmware - |
||
intel ac_9260_firmware - |
||
intel ac_8265_firmware - |
||
intel ac_8260_firmware - |
||
intel ac_3168_firmware - |
||
intel ac_7265_firmware - |
||
intel ac_3165_firmware - |
||
intel ax1675_firmware - |
||
intel ax1650_firmware - |
||
intel ac_1550_firmware - |