PT-2021-11246 · Unknown · Bluetooth Mesh
Published: 2021-05-24 · Updated: 2022-04-29 · CVE-2020-26556
CVSS v3.1: 7.5 (High)
| Vector | AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Bluetooth Mesh profile versions 1.0 and 1.0.1
Description:
The issue allows a nearby device to brute-force an insufficiently random AuthValue before the provisioning procedure times out, potentially completing authentication by leveraging Malleable Commitment. This is exploitable in real-world scenarios where the attacker is in close proximity to the target device.
Recommendations:
For Bluetooth Mesh profile version 1.0, implement additional security measures to protect against brute-force attacks on the AuthValue.
For Bluetooth Mesh profile version 1.0.1, apply the same mitigation as for version 1.0, focusing on increasing the randomness of the AuthValue to prevent successful brute-force attacks.
As a temporary workaround, consider shortening the provisioning procedure's timeout to minimize the window in which an attacker can conduct a brute-force attack.
Weakness Enumeration: Improper Restriction of Excessive Authentication Attempts
Affected Products: Bluetooth Mesh