{"containers":{"cna":{"affected":[{"platforms":["N/A"],"product":"BR/EDR","vendor":"Bluetooth","versions":[{"lessThanOrEqual":"5.1","status":"affected","version":"5.1","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Daniele Antonioli, Nils Ole Tippenhauer, Kasper Rasmussen"}],"datePublic":"2019-08-14T00:00:00.000Z","descriptions":[{"lang":"en","value":"The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":7.6,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L","version":"3.0"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-310","description":"CWE-310 Cryptographic Issues","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-01-30T10:06:23.000Z","orgId":"37e5125f-f79b-445b-8fad-9564f167944b","shortName":"certcc"},"references":[{"name":"VU#918987","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"https://www.kb.cert.org/vuls/id/918987/"},{"tags":["x_refsource_MISC"],"url":"http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"},{"tags":["x_refsource_MISC"],"url":"https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"},{"name":"20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 
5.3","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/Aug/14"},{"name":"20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/Aug/11"},{"name":"20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/Aug/13"},{"name":"20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/Aug/15"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"},{"name":"USN-4115-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4115-1/"},{"name":"USN-4118-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4118-1/"},{"name":"[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"},{"name":"[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"},{"name":"[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security 
update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"},{"name":"USN-4147-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4147-1/"},{"name":"RHSA-2019:2975","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:2975"},{"name":"openSUSE-SU-2019:2307","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"},{"name":"openSUSE-SU-2019:2308","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"},{"name":"RHSA-2019:3076","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3076"},{"name":"RHSA-2019:3055","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3055"},{"name":"RHSA-2019:3089","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3089"},{"name":"RHSA-2019:3187","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3187"},{"name":"RHSA-2019:3165","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3165"},{"name":"RHSA-2019:3217","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3217"},{"name":"RHSA-2019:3220","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3220"},{"name":"RHSA-2019:3231","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3231"},{"name":"RHSA-2019:3218","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3218"},{"name":"RHSA-2019:3309","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"name":"
RHSA-2019:3517","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"name":"RHSA-2020:0204","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2020:0204"}],"source":{"advisory":"VU#918987","defect":["VU#918987"],"discovery":"EXTERNAL"},"title":"Bluetooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation","workarounds":[{"lang":"en","value":"Bluetooth SIG Expedited Errata Correction 11838"}],"x_generator":{"engine":"Vulnogram 0.0.7"},"x_legacyV4Record":{"CVE_data_meta":{"AKA":"KNOB","ASSIGNER":"cert@cert.org","DATE_PUBLIC":"2019-08-14","ID":"CVE-2019-9506","STATE":"PUBLIC","TITLE":"Bluetooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"BR/EDR","version":{"version_data":[{"platform":"N/A","version_affected":"<=","version_name":"5.1","version_value":"5.1"}]}}]},"vendor_name":"Bluetooth"}]}},"credit":[{"lang":"eng","value":"Daniele Antonioli, Nils Ole Tippenhauer, Kasper Rasmussen"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. 
This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."}]},"generator":{"engine":"Vulnogram 0.0.7"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":7.6,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-310 Cryptographic Issues"}]}]},"references":{"reference_data":[{"name":"VU#918987","refsource":"CERT-VN","url":"https://www.kb.cert.org/vuls/id/918987/"},{"name":"http://www.cs.ox.ac.uk/publications/publication12404-abstract.html","refsource":"MISC","url":"http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"},{"name":"https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli","refsource":"MISC","url":"https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"},{"name":"https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/","refsource":"CONFIRM","url":"https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"},{"name":"20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/Aug/14"},{"name":"20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/Aug/11"},{"name":"20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/Aug/13"},{"name":"20190816 APPLE-SA-2019-8-13-4 Additional information for 
APPLE-SA-2019-7-22-5 tvOS 12.4","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/Aug/15"},{"name":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en","refsource":"CONFIRM","url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"},{"name":"USN-4115-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4115-1/"},{"name":"USN-4118-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4118-1/"},{"name":"[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"},{"name":"[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"},{"name":"[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"},{"name":"USN-4147-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4147-1/"},{"name":"RHSA-2019:2975","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:2975"},{"name":"openSUSE-SU-2019:2307","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"},{"name":"openSUSE-SU-2019:2308","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"},{"name":"RHSA-2019:3076","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3076"},{"name":"RHSA-2019:3055","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3055"},{"name":"RHSA-2019:3089","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3089"},{"name":"RHSA-2019:3187","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3187"},{"name":"RHSA-2019:3165","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:31
65"},{"name":"RHSA-2019:3217","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3217"},{"name":"RHSA-2019:3220","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3220"},{"name":"RHSA-2019:3231","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3231"},{"name":"RHSA-2019:3218","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3218"},{"name":"RHSA-2019:3309","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"name":"RHSA-2019:3517","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"name":"RHSA-2020:0204","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2020:0204"}]},"source":{"advisory":"VU#918987","defect":["VU#918987"],"discovery":"EXTERNAL"},"work_around":[{"lang":"en","value":"Bluetooth SIG Expedited Errata Correction 11838"}]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T21:54:44.303Z"},"title":"CVE Program Container","references":[{"name":"VU#918987","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"https://www.kb.cert.org/vuls/id/918987/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"},{"name":"20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/Aug/14"},{"name":"20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 
Sierra","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/Aug/11"},{"name":"20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/Aug/13"},{"name":"20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/Aug/15"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"},{"name":"USN-4115-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4115-1/"},{"name":"USN-4118-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4118-1/"},{"name":"[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"},{"name":"[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"},{"name":"[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security 
update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"},{"name":"USN-4147-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4147-1/"},{"name":"RHSA-2019:2975","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:2975"},{"name":"openSUSE-SU-2019:2307","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"},{"name":"openSUSE-SU-2019:2308","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"},{"name":"RHSA-2019:3076","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3076"},{"name":"RHSA-2019:3055","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3055"},{"name":"RHSA-2019:3089","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3089"},{"name":"RHSA-2019:3187","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3187"},{"name":"RHSA-2019:3165","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3165"},{"name":"RHSA-2019:3217","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3217"},{"name":"RHSA-2019:3220","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3220"},{"name":"RHSA-2019:3231","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3231"},{"name":"RHSA-2019:3218","tags":["vendor-advisory","x_refsour
ce_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3218"},{"name":"RHSA-2019:3309","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"name":"RHSA-2019:3517","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"name":"RHSA-2020:0204","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2020:0204"}]}]},"cveMetadata":{"assignerOrgId":"37e5125f-f79b-445b-8fad-9564f167944b","assignerShortName":"certcc","cveId":"CVE-2019-9506","datePublished":"2019-08-14T16:27:45.059Z","dateReserved":"2019-03-01T00:00:00.000Z","dateUpdated":"2024-09-16T19:14:13.573Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}