{"containers":{"cna":{"affected":[{"product":"BR/EDR","vendor":"Bluetooth","versions":[{"lessThanOrEqual":"5.2","status":"affected","version":"5.2","versionType":"custom"}]}],"datePublic":"2020-04-14T00:00:00.000Z","descriptions":[{"lang":"en","value":"Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-757","description":"CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-11-02T15:52:55.000Z","orgId":"37e5125f-f79b-445b-8fad-9564f167944b","shortName":"certcc"},"references":[{"name":"VU#647177","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"https://kb.cert.org/vuls/id/647177/"},{"name":"20200602 BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2020/Jun/5"},{"name":"openSUSE-SU-2020:1153","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"},{"name":"openSUSE-SU-2020:1236","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html"},{"tags":["x_refsource_MISC"],"url":"https://francozappa.github.io/about-bias/"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/"},{"tags":["x_refsource_MISC"],"url":"http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html"}],"source":{"discovery":"UNKNOWN"},"title":"Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cert@cert.org","DATE_PUBLIC":"2020-04-14T00:00:00.000Z","ID":"CVE-2020-10135","STATE":"PUBLIC","TITLE":"Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"BR/EDR","version":{"version_data":[{"version_affected":"<=","version_name":"5.2","version_value":"5.2"}]}}]},"vendor_name":"Bluetooth"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')"}]}]},"references":{"reference_data":[{"name":"VU#647177","refsource":"CERT-VN","url":"https://kb.cert.org/vuls/id/647177/"},{"name":"20200602 BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2020/Jun/5"},{"name":"openSUSE-SU-2020:1153","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"},{"name":"openSUSE-SU-2020:1236","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html"},{"name":"https://francozappa.github.io/about-bias/","refsource":"MISC","url":"https://francozappa.github.io/about-bias/"},{"name":"https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/","refsource":"CONFIRM","url":"https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/"},{"name":"http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html","refsource":"MISC","url":"http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html"}]},"source":{"discovery":"UNKNOWN"}}},"adp"
:[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T10:50:57.869Z"},"title":"CVE Program Container","references":[{"name":"VU#647177","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"https://kb.cert.org/vuls/id/647177/"},{"name":"20200602 BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2020/Jun/5"},{"name":"openSUSE-SU-2020:1153","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"},{"name":"openSUSE-SU-2020:1236","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://francozappa.github.io/about-bias/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html"}]}]},"cveMetadata":{"assignerOrgId":"37e5125f-f79b-445b-8fad-9564f167944b","assignerShortName":"certcc","cveId":"CVE-2020-10135","datePublished":"2020-05-19T15:50:14.000Z","dateReserved":"2020-03-05T00:00:00.000Z","dateUpdated":"2024-09-17T02:57:41.936Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}