5.4

CVE-2020-26555

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BluetoothBluetooth Core Specification Version >= 1.1b <= 5.2
FedoraprojectFedora Version34
IntelAx210 Firmware Version-
   IntelAx210 Version-
IntelAx201 Firmware Version-
   IntelAx201 Version-
IntelAx200 Firmware Version-
   IntelAx200 Version-
IntelAc 9560 Firmware Version-
   IntelAc 9560 Version-
IntelAc 9462 Firmware Version-
   IntelAc 9462 Version-
IntelAc 9461 Firmware Version-
   IntelAc 9461 Version-
IntelAc 9260 Firmware Version-
   IntelAc 9260 Version-
IntelAc 8265 Firmware Version-
   IntelAc 8265 Version-
IntelAc 8260 Firmware Version-
   IntelAc 8260 Version-
IntelAc 3168 Firmware Version-
   IntelAc 3168 Version-
IntelAc 7265 Firmware Version-
   IntelAc 7265 Version-
IntelAc 3165 Firmware Version-
   IntelAc 3165 Version-
IntelKiller Ac 1550 Firmware Version-
   IntelKiller Ac 1550 Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.89% 0.545
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.4 2.8 2.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
nvd@nist.gov 4.8 6.5 4.9
AV:A/AC:L/Au:N/C:P/I:P/A:N
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://kb.cert.org/vuls/id/799380
Third Party Advisory
US Government Resource
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/
https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/
Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html
Third Party Advisory
https://www.kb.cert.org/vuls/id/799380