- Description
- In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 5.7
- Impact score
- 3.6
- Exploitability score
- 2.1
- Vector string
- CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5.7
- Impact score
- 6.9
- Exploitability score
- 5.5
- Vector string
- AV:A/AC:M/Au:N/C:N/I:N/A:C
- nvd@nist.gov
- CWE-20
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:gear_s2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "80E04318-D715-4263-A869-C9203EB7CE75"
},
{
"criteria": "cpe:2.3:h:samsung:gear_s3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EB6F5890-C7A5-45B2-BADE-118B53BE2667"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]