cbcvebase.
CVE-2021-1638
published 2021-01-12

CVE-2021-1638: Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this…

medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key

Affected

34 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10_version_1803>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1809>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1909>= 10.0.0 < publicationpublication
microsoftwindows_10_version_2004>= 10.0.0 < publicationpublication
microsoftwindows_10_version_20h2>= 10.0.0 < publicationpublication
microsoftwindows_server_2016
microsoftwindows_server_2016
microsoftwindows_server_2016
microsoftwindows_server_2019>= 10.0.0 < publicationpublication
microsoftwindows_server_version_2004>= 10.0.0 < publicationpublication
microsoftwindows_server_version_20h2>= 10.0.0 < publicationpublication
msrcwindows_10_version_1803_for_32-bit_systems
msrcwindows_10_version_1803_for_arm64-based_systems
msrcwindows_10_version_1803_for_x64-based_systems
msrcwindows_10_version_1809_for_32-bit_systems
msrcwindows_10_version_1809_for_arm64-based_systems
msrcwindows_10_version_1809_for_x64-based_systems
msrcwindows_10_version_1909_for_32-bit_systems
msrcwindows_10_version_1909_for_arm64-based_systems
msrcwindows_10_version_1909_for_x64-based_systems