This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Bluetooth First view 2020-09-11
Product Bluetooth Core Specification Last view 2020-09-11
Version * Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:bluetooth:bluetooth_core_specification

Activity : Overall

Related : CVE

  Date Alert Description
5.9 2020-09-11 CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-287 Improper Authentication