Kasper Rasmussen

**Name of the Vulnerable Software and Affected Versions** Bluetooth BR/EDR Core Specification versions prior to v5.2 **Description** The issue concerns a flaw in the authentication procedure of the Bluetooth BR/EDR protocol, allowing an unauthenticated, adjacent attacker to impersonate a Bluetooth BR/EDR master or slave and pair with a previously paired remote device without knowing the link key. This could potentially compromise the confidentiality and integrity of protected information. **Recommendations** For Bluetooth BR/EDR Core Specification versions prior to v5.2, consider implementing additional authentication measures or restricting access to sensitive data until a patch or update is available. As a temporary workaround, restrict the use of legacy pairing and secure-connections pairing authentication to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.