CVE-2020-26560 - CERT CVE
ID CVE-2020-26560
Sažetak Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
Reference
CVSS
Base: 4.8
Impact: 4.9
Exploitability:6.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL NONE
CVSS vektor AV:A/AC:L/Au:N/C:P/I:P/A:N
Zadnje važnije ažuriranje 03-06-2021 - 17:12
Objavljeno 24-05-2021 - 18:15