CVE-2020-35473: Observable Discrepancy in Core Specification

Severity: 4.3 MEDIUM (NVD)
EPSS: 0.1% (top 65.24%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 8

Description

An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifications 5.0 through 5.2, may be used to identify devices using Resolvable Private Addressing (RPA) by their response or non-response to specific scan requests from remote addresses. RPAs that have been associated with a specific remote device may also be used to identify a peer in the same manner by usin

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 | Impact: 1.4

Affected Packages: 1 package

Vulnerability Details (2)

CVEList, 2022-11-08
CVE-2020-35473: An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4
GHSA, 2022-11-08
GHSA-qw9m-cx2j-p94f: An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4