Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Bluetooth Low Energy implementation in Cypress PSoC Creator BLE 4.2 component versions before 3.64 generates a random number (Pairing Random) with significantly less entropy than the specified 128 bits during BLE pairing. This is the case for both authenticated and unauthenticated pairing with both LE Secure Connections as well as LE Legacy Pairing. A predictable or brute-forceable random number allows an attacker (in radio range) to perform a MITM attack during BLE pairing.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cypress Semiconductor PSoC Creator BLE 安全特征问题漏洞
Vulnerability Description
Cypress Semiconductor PSoC Creator BLE是美国赛普拉斯半导体(Cypress Semiconductor)公司的一款集成了蓝牙低功耗(BLE)的可编程嵌入式系统级芯片。 Cypress Semiconductor PSoC Creator 4.2 BLE 3.64之前版本中存在安全特征问题漏洞,该漏洞源于BLE的实现生成了64位而不是128位的随机数。攻击者可利用该漏洞在BLE配对期间实施中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A