First published: Thu Jan 21 2021(Updated: )
A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even without knowledge of the key.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Android | ||
Bluetooth Core Specification | >=1.1b<=5.2 | |
Fedora | =34 | |
All of | ||
intel ax210 firmware | ||
intel ax210 | ||
All of | ||
intel ax201 firmware | ||
intel ax201 | ||
All of | ||
intel ax200 firmware | ||
intel ax200 | ||
All of | ||
Intel AMT AC 9560 Firmware | ||
Intel Wireless-AC 9560 | ||
All of | ||
intel ac 9462 firmware | ||
intel ac 9462 | ||
All of | ||
intel ac 9461 firmware | ||
intel ac 9461 | ||
All of | ||
intel ac 9260 firmware | ||
intel ac 9260 | ||
All of | ||
intel ac 8265 firmware | ||
Intel AMT AC 8265 | ||
All of | ||
intel ac 8260 firmware | ||
intel ac 8260 | ||
All of | ||
Intel AC3168 Firmware | ||
Intel AC3168 Firmware | ||
All of | ||
Intel 7265 firmware | ||
Intel Wireless 7265 | ||
All of | ||
intel ac 3165 firmware | ||
intel ac 3165 | ||
All of | ||
intel killer wi-fi 6e ax1675 firmware | ||
Intel Killer Wi-Fi 6E AX1675 | ||
All of | ||
intel killer wi-fi 6 ax1650 firmware | ||
Intel Killer Wi-Fi 6 AX1650 | ||
All of | ||
Intel Killer Wireless-AC 1550 | ||
Intel Killer Wireless-AC 1550 | ||
intel ax210 firmware | ||
intel ax210 | ||
intel ax201 firmware | ||
intel ax201 | ||
intel ax200 firmware | ||
intel ax200 | ||
Intel AMT AC 9560 Firmware | ||
Intel Wireless-AC 9560 | ||
intel ac 9462 firmware | ||
intel ac 9462 | ||
intel ac 9461 firmware | ||
intel ac 9461 | ||
intel ac 9260 firmware | ||
intel ac 9260 | ||
intel ac 8265 firmware | ||
Intel AMT AC 8265 | ||
intel ac 8260 firmware | ||
intel ac 8260 | ||
Intel AC3168 Firmware | ||
Intel AC3168 Firmware | ||
Intel 7265 firmware | ||
Intel Wireless 7265 | ||
intel ac 3165 firmware | ||
intel ac 3165 | ||
intel killer wi-fi 6e ax1675 firmware | ||
Intel Killer Wi-Fi 6E AX1675 | ||
intel killer wi-fi 6 ax1650 firmware | ||
Intel Killer Wi-Fi 6 AX1650 | ||
Intel Killer Wireless-AC 1550 | ||
Intel Killer Wireless-AC 1550 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-26555 has been assigned a high severity rating due to its potential for impersonation attacks during Bluetooth pairing.
To fix CVE-2020-26555, users should update their affected software or firmware to the latest version provided by their vendors.
CVE-2020-26555 affects various devices including certain versions of Bluetooth Core Specification and specific Intel wireless firmware.
CVE-2020-26555 can lead to impersonation attacks during the Bluetooth BR/EDR PIN Pairing procedure.
Currently, the best practice is to promptly apply security updates from manufacturers to mitigate the risk associated with CVE-2020-26555.