Details of VAR-202009-0586

ID

VAR-202009-0586

CVE

CVE-2020-15802

TITLE

Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite

Trust: 0.8

sources: CERT/CC: VU#589825

DESCRIPTION

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less. This vulnerability is being referred to as BLURtooth.CVE-2020-15802 AffectedCVE-2020-15802 Affected

Trust: 1.71

sources: NVD: CVE-2020-15802 // CERT/CC: VU#589825 // VULMON: CVE-2020-15802

IOT TAXONOMY

category:

['network device']

sub_category:

bluetooth device

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:

bluetooth

model:

core specification

scope:

version:

5.1

Trust: 1.0

sources: NVD: CVE-2020-15802

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-15802
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202009-592
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2020-15802
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-15802
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1

nvd@nist.gov:	CVE-2020-15802
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULMON: CVE-2020-15802 // CNNVD: CNNVD-202009-592 // NVD: CVE-2020-15802

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.0

sources: NVD: CVE-2020-15802

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-592

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202009-592

PATCH

title:	Bluetooth Core Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128046	Trust: 0.6
title:	The Register	url:	https://www.theregister.co.uk/2020/09/11/blurtooth_vulnerability/	Trust: 0.2
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2020-15802	Trust: 0.1
title:	-	url:	https://github.com/francozappa/blur	Trust: 0.1
title:	-	url:	https://github.com/goblimey/learn-unix	Trust: 0.1
title:	-	url:	https://github.com/Essen-Lin/Practice-of-the-Attack-and-Defense-of-Computers_Project2	Trust: 0.1
title:	-	url:	https://github.com/JeffroMF/awesome-bluetooth-security321	Trust: 0.1
title:	-	url:	https://github.com/khulnasoft-lab/awesome-security	Trust: 0.1
title:	-	url:	https://github.com/vincent-deng/veracode-container-security-finding-parser	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/bluetooth-bug-mitm-attacks/159124/	Trust: 0.1

sources: VULMON: CVE-2020-15802 // CNNVD: CNNVD-202009-592

EXTERNAL IDS

db:	NVD	id:	CVE-2020-15802	Trust: 2.6
db:	CERT/CC	id:	VU#589825	Trust: 2.5
db:	CNNVD	id:	CNNVD-202009-592	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULMON	id:	CVE-2020-15802	Trust: 0.1

sources: OTHER: None // CERT/CC: VU#589825 // VULMON: CVE-2020-15802 // CNNVD: CNNVD-202009-592 // NVD: CVE-2020-15802

REFERENCES

url:	https://www.kb.cert.org/vuls/id/589825	Trust: 2.3
url:	https://gizmodo.com/bluetooth-unveils-its-latest-security-issue-with-no-se-1845013709	Trust: 1.7
url:	https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/blurtooth/	Trust: 1.7
url:	cve-2020-15802	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-15802	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-15802	Trust: 0.6
url:	https://vigilance.fr/vulnerability/bluetooth-man-in-the-middle-via-cross-transport-key-derivation-33313	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2020-15802	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.theregister.co.uk/2020/09/11/blurtooth_vulnerability/	Trust: 0.1
url:	https://threatpost.com/bluetooth-bug-mitm-attacks/159124/	Trust: 0.1

sources: OTHER: None // CERT/CC: VU#589825 // VULMON: CVE-2020-15802 // CNNVD: CNNVD-202009-592 // NVD: CVE-2020-15802

CREDITS

This document was written by Madison Oliver.We have not received a statement from the vendor.

Trust: 0.8

sources: CERT/CC: VU#589825

SOURCES

db:	OTHER	id:	-
db:	CERT/CC	id:	VU#589825
db:	VULMON	id:	CVE-2020-15802
db:	CNNVD	id:	CNNVD-202009-592
db:	NVD	id:	CVE-2020-15802

LAST UPDATE DATE

2025-01-30T21:57:27.851000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#589825	date:	2021-02-16T00:00:00
db:	VULMON	id:	CVE-2020-15802	date:	2022-11-16T00:00:00
db:	CNNVD	id:	CNNVD-202009-592	date:	2021-01-04T00:00:00
db:	NVD	id:	CVE-2020-15802	date:	2024-11-21T05:06:12.767

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#589825	date:	2020-09-09T00:00:00
db:	VULMON	id:	CVE-2020-15802	date:	2020-09-11T00:00:00
db:	CNNVD	id:	CNNVD-202009-592	date:	2020-09-09T00:00:00
db:	NVD	id:	CVE-2020-15802	date:	2020-09-11T14:15:11.317