CVE-2020-10135: Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-10135

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks

Source: NVD (National Vulnerability Database)

Vulnerability Description

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

在会话协商时选择低安全性的算法(算法降级)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Bluetooth BR/EDR 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Bluetooth BR/EDR是一种蓝牙BR/EDR（基本速率/增强数据速率）标准。 Bluetooth BR/EDR（Basic Rate/Enhanced Data Rate）Core Specification v5.2及之前版本中的旧式配对和安全连接配对认证存在授权问题漏洞。攻击者可借助蓝牙模拟攻击（BIAS）利用该漏洞获取访问权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Bluetooth	BR/EDR	5.2 ~ 5.2	-

II. Public POCs for CVE-2020-10135

#	POC Description	Source Link	Shenlong Link
1	CVE 2020-10135 a.k.a BIAS (Bluetooth Impersonation Attack)	https://github.com/marcinguy/CVE-2020-10135-BIAS	POC Details
2	CVE 2020-10135 a.k.a BIAS (Bluetooth Impersonation Attack)	https://github.com/m4rm0k/CVE-2020-10135-BIAS	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-10135

Please Login to view more intelligence information

https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/bias-vulnerability/x_refsource_CONFIRM
https://francozappa.github.io/about-bias/x_refsource_MISC
http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.htmlx_refsource_MISC
https://kb.cert.org/vuls/id/647177/third-party-advisoryx_refsource_CERT-VN
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.htmlvendor-advisoryx_refsource_SUSE
http://seclists.org/fulldisclosure/2020/Jun/5mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2020-10135

IV. Related Vulnerabilities

Same product: BR/EDR

CVE-2019-9506
Blutooth BR/EDR specification does not specify sufficient en

Same vendor: Bluetooth

Same weakness: CWE-757

V. Comments for CVE-2020-10135

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2020-10135

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-10135

III. Intelligence Information for CVE-2020-10135

IV. Related Vulnerabilities

V. Comments for CVE-2020-10135

Leave a comment