CVE-2020-10134

Name of the Vulnerable Software and Affected Versions Bluetooth Core versions prior to 5.3

Description The issue allows an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when different pairing methods are initiated in each peer device and an end-user completes both pairing procedures with the Man-In-The-Middle (MITM) using the confirmation number of one peer as the passkey of the other. This could enable the attacker to initiate any Bluetooth operation on either attacked device exposed by the enabled Bluetooth profiles. The exposure may be limited when the user must authorize certain access explicitly, but device-local protections may be weakened if a user assumes the requesting device is the intended remote device.

Recommendations For Bluetooth Core versions prior to 5.3, consider disabling Bluetooth pairing until a patch is available to prevent exploitation. Restrict access to enabled Bluetooth profiles to minimize the risk of exploitation. Avoid using the same confirmation number as a passkey for different pairing methods to reduce the risk of credential acquisition by an attacker. At the moment, there is no information about a newer version that contains a fix for this vulnerability.