CVE-2020-15802Improper Authentication in Core Specification

CWE-287Improper AuthenticationCWE-285Improper Authorization9 documents7 sources
Severity
5.9MEDIUMNVD
EPSS
55.5%
top 1.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Platform System BTBluetooth Core Specification
Timeline
PublishedSep 11
Latest updateMay 24

Description

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

Androidplatform/system_bt8.0:08.0:2020-12-01+4

🔴Vulnerability Details

4
GHSA
GHSA-2ffq-f4m4-q248: Devices supporting Bluetooth before 52022-05-24
OSV
CVE-2020-15802: In smp_key_distribution of smp_act2020-12-01
OSV
CVE-2020-15802: Devices supporting Bluetooth before 52020-09-11
CVEList
CVE-2020-15802: Devices supporting Bluetooth before 52020-09-11

📋Vendor Advisories

2
Android
CVE-2020-15802: Android Security Bulletin 2020-12-01 CVE: CVE-2020-15802 Severity: HIGH Type: ID Affected AOSP versions: 82020-12-01
Red Hat
hardware: BLURtooth: "Dual mode" hardware using CTKD are vulnerable to key overwrite2020-09-10

💬Community

2
Bugzilla
CVE-2020-15802 hardware: BLURtooth: "Dual mode" hardware using CTKD are vulnerable to key overwrite2020-09-11
Bugzilla
CVE-2020-15802 kernel: hardware: BLURtooth: "Dual mode" hardware using CTKD are vulnerable to key overwrite [fedora-all]2020-09-11
CVE-2020-15802 — Improper Authentication | cvebase