Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Android 安全漏洞
Vulnerability Description
Google Android是美国谷歌(Google)公司的一套以Linux为基础的开源操作系统。 Google Android 存在安全漏洞,该漏洞源于 smp_act.cc 文件的 smp_proc_rand 方法存在协议实现不正确,在旧式 BLE 配对期间可能会绕过身份验证。
CVSS Information
N/A
Vulnerability Type
N/A