CVE-2020-26557 - OpenCVE

Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Bluetooth	Mesh Profile

Configuration 1 [-]

OR	cpe:2.3:a:bluetooth:mesh_profile:1.0.0:::::::*
	cpe:2.3:a:bluetooth:mesh_profile:1.0.1:::::::*

References

Link	Resource
https://kb.cert.org/vuls/id/799380	Third Party Advisory US Government Resource
https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-05-24T17:28:56

Updated: 2021-05-24T17:28:56

Reserved: 2020-10-04T00:00:00

Link: CVE-2020-26557

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-05-24T18:15:07.903

Modified: 2022-07-12T17:42:04.277

Link: CVE-2020-26557

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-24T17:28:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"}, {"tags": ["x_refsource_MISC"], "url": "https://kb.cert.org/vuls/id/799380"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-26557", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/", "refsource": "MISC", "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"}, {"name": "https://kb.cert.org/vuls/id/799380", "refsource": "MISC", "url": "https://kb.cert.org/vuls/id/799380"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-26557", "datePublished": "2021-05-24T17:28:56", "dateReserved": "2020-10-04T00:00:00", "dateUpdated": "2021-05-24T17:28:56", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bluetooth:mesh_profile:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "851ACDD0-CD31-4CEC-AD23-C57C68178352", "vulnerable": true}, {"criteria": "cpe:2.3:a:bluetooth:mesh_profile:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4959D86-09FD-4C6A-AA52-7667FA9EC4BD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time)."}, {"lang": "es", "value": "Un Mesh Provisioning en el perfil de Bluetooth Mesh versiones 1.0 y 1.0.1, puede permitir a un dispositivo cercano (sin la posesi\u00f3n del AuthValue usado en el protocolo de aprovisionamiento) determinar el AuthValue por medio de un ataque de fuerza bruta (a menos que el AuthValue sea lo suficientemente aleatorio y se cambie cada vez)"}], "id": "CVE-2020-26557", "lastModified": "2022-07-12T17:42:04.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 5.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-24T18:15:07.903", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://kb.cert.org/vuls/id/799380"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}