Attacker Value: Unknown (0 users assessed)
Exploitability: Unknown (0 users assessed)
User Interaction: None
Privileges Required: None
Attack Vector: Adjacent_network

CVE-2020-26555

Disclosure Date: May 24, 2021

Description

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.

CVSS V3 Severity and Metrics
Base Score: 5.4 Medium
Impact Score: 2.5
Exploitability Score: 2.8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector (AV): Adjacent_network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): Low
Integrity (I): Low
Availability (A): None

General Information

Vendors

  • bluetooth
  • fedoraproject
  • intel

Products

  • ac 3165 firmware -
  • ac 3168 firmware -
  • ac 7265 firmware -
  • ac 8260 firmware -
  • ac 8265 firmware -
  • ac 9260 firmware -
  • ac 9461 firmware -
  • ac 9462 firmware -
  • ac 9560 firmware -
  • ax200 firmware -
  • ax201 firmware -
  • ax210 firmware -
  • bluetooth core specification
  • fedora 34
  • killer ac 1550 firmware -
  • killer wi-fi 6 ax1650 firmware -
  • killer wi-fi 6e ax1675 firmware -

Technical Analysis