CVE-2020-26556Improper Restriction of Excessive Authentication Attempts in Core Specification

CWE-307Improper Restriction of Excessive Authentication AttemptsCWE-331Insufficient Entropy5 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.9%
top 24.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Bluetooth Core SpecificationBluetooth Mesh Profile
Timeline
PublishedMay 24
Latest updateMay 24

Description

Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

NVDbluetooth/mesh_profile1.0.0, 1.0.1+1

🔴Vulnerability Details

3
GHSA
GHSA-69j7-838h-x496: Mesh Provisioning in the Bluetooth Mesh profile 12022-05-24
CVEList
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 12021-05-24
OSV
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 12021-05-24

📋Vendor Advisories

1
Red Hat
kernel: malleable commitment Bluetooth Mesh Provisioning2021-05-24
CVE-2020-26556 — Core Specification vulnerability | cvebase