Vulnerabilities > Bluetooth > Bluetooth Core Specification > 1.1b
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2022-24695 | Unspecified vulnerability in Bluetooth Core Specification Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. low complexity bluetooth | 4.3 |
| 2022-12-12 | CVE-2022-25837 | Authentication Bypass by Capture-replay vulnerability in Bluetooth Core Specification Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM negotiates BR/EDR Secure Simple Pairing in Secure Connections mode using the Passkey association model with the pairing Initiator and BR/EDR Legacy PIN code pairing with the pairing Responder and brute forces the Passkey entered by the user into the Responder as a 6-digit PIN code. | 7.5 |
| 2021-05-24 | CVE-2020-26555 | Incorrect Authorization vulnerability in multiple products Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. | 5.4 |
| 2021-05-24 | CVE-2020-26556 | Improper Restriction of Excessive Authentication Attempts vulnerability in Bluetooth Core Specification and Mesh Profile Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment. | 2.9 |
| 2020-09-11 | CVE-2020-15802 | Improper Authentication vulnerability in Bluetooth Core Specification Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. | 5.9 |