CVE-2019-9506 — HIGH (8.1) — White Hats Nepal

Vulnerability Description

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Google	Android	-
Blackberry	Blackberry	-
Apple	Iphone Os	12.4
Apple	Mac Os X	10.12.6
Apple	Tvos	12.4
Apple	Watchos	5.3
Canonical	Ubuntu Linux	16.04
Debian	Debian Linux	8.0
Opensuse	Leap	15.0
Redhat	Mrg Realtime	2.0
Redhat	Virtualization Host Eus	4.2
Redhat	Enterprise Linux	8.0
Redhat	Enterprise Linux Aus	7.5
Redhat	Enterprise Linux Eus	7.6
Redhat	Enterprise Linux For Real Time	7
Redhat	Enterprise Linux For Real Time Eus	8.2
Redhat	Enterprise Linux For Real Time For Nfv	7
Redhat	Enterprise Linux For Real Time For Nfv Eus	8.2
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Server Aus	7.3

Related Weaknesses (CWE)

CWE-310 CWE-327

References

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.htmlMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2019/Aug/11Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2019/Aug/13Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2019/Aug/14Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2019/Aug/15Mailing ListThird Party Advisory
http://www.cs.ox.ac.uk/publications/publication12404-abstract.htmlThird Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-enThird Party Advisory
https://access.redhat.com/errata/RHSA-2019:2975Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3055Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3076Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3089Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3165Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3187Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3217Third Party Advisory

FAQ

What is CVE-2019-9506?

CVE-2019-9506 is a vulnerability with a CVSS score of 8.1 (HIGH). The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This all...

How severe is CVE-2019-9506?

CVE-2019-9506 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-9506?

Check the references section above for vendor advisories and patch information. Affected products include: Google Android, Blackberry Blackberry, Apple Iphone Os, Apple Mac Os X, Apple Tvos.