CVE-2020-26558

Published May 24, 2021
Last updated a year ago
CVSS medium 4.2
Overview

Description: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 4.2
Impact score: 2.5
Exploitability score: 1.6
Vector string: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 4.9
Exploitability score: 5.5
Vector string: AV:A/AC:M/Au:N/C:P/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-287
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bluetooth:bluetooth_core_specification:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9856E3E9-B127-4CA2-A4E3-006EBEF3ADD8",
            "versionEndIncluding": "5.2",
            "versionStartIncluding": "2.1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ABDE34F-742E-4233-8C9C-599457807773",
            "versionEndExcluding": "5.13"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ax210_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BA9E525-21D9-4B3E-85A2-63C7F01F7950"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ax210:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F226D74C-4A48-4AC0-A565-A00D555E27D6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ax201_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AAB385A-5D49-4CED-92BD-8E790F29DCED"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4649D446-130B-4B31-B9ED-BA7F9F7EEB8F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ax200_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BECECBE-C8FC-4669-A5DF-22EF61449B1F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E9903E2E-A670-40D4-8B9F-D2C0CFDBFC9F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_9560_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7154EAF0-2E61-4813-B443-C4556137EB4D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D382D4A1-C8FD-4B47-B2C4-145232EC8AC5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_9462_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D65359E2-1507-46F9-B259-7A75DF68EB34"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6E89EB0D-233A-486A-BDAE-F5726432CD7E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_9461_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC15313E-27FB-470E-BB55-4A372B04864D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A11E55E8-5FA9-4ED7-AB61-03F22EE1759B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_9260_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2915178-6BB6-45EE-A19D-EDB5B78F2BE2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C2795E42-D044-4D48-BCB2-61CC1A3471B1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_8265_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E5ADC21-F308-4CAA-8E98-4E7FDC7EDAAC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C08E2F3E-C4B5-4227-A88D-C50E209A12CF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_8260_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28B0DBF3-63BB-40EF-9D46-E32D074D73DA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B5A8F30C-6BB7-4CC6-ADBE-1859DAF66C58"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_3168_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5199A11-AEAB-4110-A7F3-04239D35321F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_3168:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED5B2BCE-2D8A-440C-B866-76E035314022"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_7265_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7218FFF6-506E-45D7-9428-DDEACF4E5E1A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_7265:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8F9F1CE7-8F14-4526-A857-7B954EC4BB6F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_3165_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D141E7D-2CC4-47E7-8EBD-E4653FAA5EEA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_3165:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "197A3DA1-B8EF-438F-B933-32253C43C8EE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ax1675_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DAB2B67-5C39-4438-8E36-3F740A697599"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ax1675:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3F407ACA-0952-4717-A302-2D5CEB6DB111"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ax1650_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B39FB813-1EC0-4B5C-B8CB-F5129DBF94C2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ax1650:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E8B944F7-4A5F-41D0-A910-6F978F66CAA0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:ac_1550_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A66D96C8-7C0D-4615-B825-A15DBB37B920"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:ac_1550:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12419474-DB56-462D-9116-3614A4BBAF20"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
