Vulnerability Description
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bluetooth | Bluetooth Core Specification | >= 2.1, <= 5.2 |
| Fedoraproject | Fedora | 34 |
| Debian | Debian Linux | 9.0 |
| Linux | Linux Kernel | < 5.13 |
| Intel | Ax210 Firmware | - |
| Intel | Ax210 | - |
| Intel | Ax201 Firmware | - |
| Intel | Ax201 | - |
| Intel | Ax200 Firmware | - |
| Intel | Ax200 | - |
| Intel | Ac 9560 Firmware | - |
| Intel | Ac 9560 | - |
| Intel | Ac 9462 Firmware | - |
| Intel | Ac 9462 | - |
| Intel | Ac 9461 Firmware | - |
| Intel | Ac 9461 | - |
| Intel | Ac 9260 Firmware | - |
| Intel | Ac 9260 | - |
| Intel | Ac 8265 Firmware | - |
| Intel | Ac 8265 | - |
Related Weaknesses (CWE)
References
- https://kb.cert.org/vuls/id/799380Third Party AdvisoryUS Government Resource
- https://lists.debian.org/debian-lts-announce/2021/06/msg00019.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2021/06/msg00020.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2021/06/msg00022.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202209-16Third Party Advisory
- https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-securitVendor Advisory
- https://www.debian.org/security/2021/dsa-4951Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.Third Party Advisory
- https://kb.cert.org/vuls/id/799380Third Party AdvisoryUS Government Resource
- https://lists.debian.org/debian-lts-announce/2021/06/msg00019.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2021/06/msg00020.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2021/06/msg00022.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
FAQ
What is CVE-2020-26558?
CVE-2020-26558 is a vulnerability with a CVSS score of 4.2 (MEDIUM). Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authen...
How severe is CVE-2020-26558?
CVE-2020-26558 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-26558?
Check the references section above for vendor advisories and patch information. Affected products include: Bluetooth Bluetooth Core Specification, Fedoraproject Fedora, Debian Debian Linux, Linux Linux Kernel, Intel Ax210 Firmware.