CVE-2023-4258

Name of the Vulnerable Software and Affected Versions Zephyr (affected versions not specified)

Description The issue is related to errors in the representation of given functions in the Bluetooth protocol implementation of the Zephyr real-time operating system. It may allow a remote attacker to gain unauthorized access to protected information. In the Bluetooth mesh implementation, if a provisionee has a public key sent out-of-band (OOB), it can be sent back during provisioning and will be accepted by the provisionee.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.