CVE-2018-16265

Name of the Vulnerable Software and Affected Versions: Tizen versions prior to 5.0 M1 Tizen-based firmwares including Samsung Galaxy Gear series before build RE2

Description: The issue arises from improper D-Bus security policy configurations in the bt/bt core system service, allowing an unprivileged process to create a system user interface and control the Bluetooth pairing process.

Recommendations: For Tizen versions prior to 5.0 M1, update to version 5.0 M1 or later to resolve the issue. For Tizen-based firmwares including Samsung Galaxy Gear series before build RE2, update to build RE2 or later to resolve the issue.