Overview
- Description
- In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.7
- Impact score
- 3.6
- Exploitability score
- 2.1
- Vector string
- CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5.7
- Impact score
- 6.9
- Exploitability score
- 5.5
- Vector string
- AV:A/AC:M/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:gear_s2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "80E04318-D715-4263-A869-C9203EB7CE75"
},
{
"criteria": "cpe:2.3:h:samsung:gear_s3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EB6F5890-C7A5-45B2-BADE-118B53BE2667"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]