5.4

CVE-2020-26555

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BluetoothBluetooth Core Specification Version >= 1.1b <= 5.2
FedoraprojectFedora Version34
IntelAx210 Firmware Version-
   IntelAx210 Version-
IntelAx201 Firmware Version-
   IntelAx201 Version-
IntelAx200 Firmware Version-
   IntelAx200 Version-
IntelAc 9560 Firmware Version-
   IntelAc 9560 Version-
IntelAc 9462 Firmware Version-
   IntelAc 9462 Version-
IntelAc 9461 Firmware Version-
   IntelAc 9461 Version-
IntelAc 9260 Firmware Version-
   IntelAc 9260 Version-
IntelAc 8265 Firmware Version-
   IntelAc 8265 Version-
IntelAc 8260 Firmware Version-
   IntelAc 8260 Version-
IntelAc 3168 Firmware Version-
   IntelAc 3168 Version-
IntelAc 7265 Firmware Version-
   IntelAc 7265 Version-
IntelAc 3165 Firmware Version-
   IntelAc 3165 Version-
IntelKiller Ac 1550 Firmware Version-
   IntelKiller Ac 1550 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.459
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.4 2.8 2.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
nvd@nist.gov 4.8 6.5 4.9
AV:A/AC:L/Au:N/C:P/I:P/A:N
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://kb.cert.org/vuls/id/799380
Third Party Advisory
US Government Resource