Details of VAR-202105-0146

ID

VAR-202105-0146

CVE

CVE-2020-26558

TITLE

Bluetooth Core Specification Authentication vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-007333

DESCRIPTION

Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time. Bluetooth Core Specification There is an authentication vulnerability in.Information may be obtained and information may be tampered with. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202209-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: BlueZ: Multiple Vulnerabilities Date: September 29, 2022 Bugs: #797712, #835077 ID: 202209-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution. Background ========== BlueZ is the canonical bluetooth tools and system daemons package for Linux. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-wireless/bluez < 5.63 >= 5.63 Description =========== Multiple vulnerabilities have been discovered in BlueZ. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All BlueZ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/bluez-5.63" References ========== [ 1 ] CVE-2020-26558 https://nvd.nist.gov/vuln/detail/CVE-2020-26558 [ 2 ] CVE-2021-0129 https://nvd.nist.gov/vuln/detail/CVE-2021-0129 [ 3 ] CVE-2021-3588 https://nvd.nist.gov/vuln/detail/CVE-2021-3588 [ 4 ] CVE-2022-0204 https://nvd.nist.gov/vuln/detail/CVE-2022-0204 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202209-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: bluez security update Advisory ID: RHSA-2021:4432-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4432 Issue date: 2021-11-09 CVE Names: CVE-2020-26558 ==================================================================== 1. Summary: An update for bluez is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts (Red Hat), and pcmcia configuration files. Security Fix(es): * bluez: Passkey Entry protocol of the Bluetooth Core is vulnerable to an impersonation attack (CVE-2020-26558) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1918602 - CVE-2020-26558 bluez: Passkey Entry protocol of the Bluetooth Core is vulnerable to an impersonation attack 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: bluez-cups-5.56-1.el8.aarch64.rpm bluez-cups-debuginfo-5.56-1.el8.aarch64.rpm bluez-debuginfo-5.56-1.el8.aarch64.rpm bluez-debugsource-5.56-1.el8.aarch64.rpm bluez-hid2hci-debuginfo-5.56-1.el8.aarch64.rpm bluez-libs-debuginfo-5.56-1.el8.aarch64.rpm bluez-obexd-debuginfo-5.56-1.el8.aarch64.rpm ppc64le: bluez-cups-5.56-1.el8.ppc64le.rpm bluez-cups-debuginfo-5.56-1.el8.ppc64le.rpm bluez-debuginfo-5.56-1.el8.ppc64le.rpm bluez-debugsource-5.56-1.el8.ppc64le.rpm bluez-hid2hci-debuginfo-5.56-1.el8.ppc64le.rpm bluez-libs-debuginfo-5.56-1.el8.ppc64le.rpm bluez-obexd-debuginfo-5.56-1.el8.ppc64le.rpm s390x: bluez-cups-5.56-1.el8.s390x.rpm bluez-cups-debuginfo-5.56-1.el8.s390x.rpm bluez-debuginfo-5.56-1.el8.s390x.rpm bluez-debugsource-5.56-1.el8.s390x.rpm bluez-hid2hci-debuginfo-5.56-1.el8.s390x.rpm bluez-libs-debuginfo-5.56-1.el8.s390x.rpm bluez-obexd-debuginfo-5.56-1.el8.s390x.rpm x86_64: bluez-cups-5.56-1.el8.x86_64.rpm bluez-cups-debuginfo-5.56-1.el8.x86_64.rpm bluez-debuginfo-5.56-1.el8.x86_64.rpm bluez-debugsource-5.56-1.el8.x86_64.rpm bluez-hid2hci-debuginfo-5.56-1.el8.x86_64.rpm bluez-libs-debuginfo-5.56-1.el8.x86_64.rpm bluez-obexd-debuginfo-5.56-1.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: bluez-5.56-1.el8.src.rpm aarch64: bluez-5.56-1.el8.aarch64.rpm bluez-cups-debuginfo-5.56-1.el8.aarch64.rpm bluez-debuginfo-5.56-1.el8.aarch64.rpm bluez-debugsource-5.56-1.el8.aarch64.rpm bluez-hid2hci-5.56-1.el8.aarch64.rpm bluez-hid2hci-debuginfo-5.56-1.el8.aarch64.rpm bluez-libs-5.56-1.el8.aarch64.rpm bluez-libs-debuginfo-5.56-1.el8.aarch64.rpm bluez-obexd-5.56-1.el8.aarch64.rpm bluez-obexd-debuginfo-5.56-1.el8.aarch64.rpm ppc64le: bluez-5.56-1.el8.ppc64le.rpm bluez-cups-debuginfo-5.56-1.el8.ppc64le.rpm bluez-debuginfo-5.56-1.el8.ppc64le.rpm bluez-debugsource-5.56-1.el8.ppc64le.rpm bluez-hid2hci-5.56-1.el8.ppc64le.rpm bluez-hid2hci-debuginfo-5.56-1.el8.ppc64le.rpm bluez-libs-5.56-1.el8.ppc64le.rpm bluez-libs-debuginfo-5.56-1.el8.ppc64le.rpm bluez-obexd-5.56-1.el8.ppc64le.rpm bluez-obexd-debuginfo-5.56-1.el8.ppc64le.rpm s390x: bluez-5.56-1.el8.s390x.rpm bluez-cups-debuginfo-5.56-1.el8.s390x.rpm bluez-debuginfo-5.56-1.el8.s390x.rpm bluez-debugsource-5.56-1.el8.s390x.rpm bluez-hid2hci-5.56-1.el8.s390x.rpm bluez-hid2hci-debuginfo-5.56-1.el8.s390x.rpm bluez-libs-5.56-1.el8.s390x.rpm bluez-libs-debuginfo-5.56-1.el8.s390x.rpm bluez-obexd-5.56-1.el8.s390x.rpm bluez-obexd-debuginfo-5.56-1.el8.s390x.rpm x86_64: bluez-5.56-1.el8.x86_64.rpm bluez-cups-debuginfo-5.56-1.el8.i686.rpm bluez-cups-debuginfo-5.56-1.el8.x86_64.rpm bluez-debuginfo-5.56-1.el8.i686.rpm bluez-debuginfo-5.56-1.el8.x86_64.rpm bluez-debugsource-5.56-1.el8.i686.rpm bluez-debugsource-5.56-1.el8.x86_64.rpm bluez-hid2hci-5.56-1.el8.x86_64.rpm bluez-hid2hci-debuginfo-5.56-1.el8.i686.rpm bluez-hid2hci-debuginfo-5.56-1.el8.x86_64.rpm bluez-libs-5.56-1.el8.i686.rpm bluez-libs-5.56-1.el8.x86_64.rpm bluez-libs-debuginfo-5.56-1.el8.i686.rpm bluez-libs-debuginfo-5.56-1.el8.x86_64.rpm bluez-obexd-5.56-1.el8.x86_64.rpm bluez-obexd-debuginfo-5.56-1.el8.i686.rpm bluez-obexd-debuginfo-5.56-1.el8.x86_64.rpm Red Hat Enterprise Linux CRB (v. 8): aarch64: bluez-cups-debuginfo-5.56-1.el8.aarch64.rpm bluez-debuginfo-5.56-1.el8.aarch64.rpm bluez-debugsource-5.56-1.el8.aarch64.rpm bluez-hid2hci-debuginfo-5.56-1.el8.aarch64.rpm bluez-libs-debuginfo-5.56-1.el8.aarch64.rpm bluez-libs-devel-5.56-1.el8.aarch64.rpm bluez-obexd-debuginfo-5.56-1.el8.aarch64.rpm ppc64le: bluez-cups-debuginfo-5.56-1.el8.ppc64le.rpm bluez-debuginfo-5.56-1.el8.ppc64le.rpm bluez-debugsource-5.56-1.el8.ppc64le.rpm bluez-hid2hci-debuginfo-5.56-1.el8.ppc64le.rpm bluez-libs-debuginfo-5.56-1.el8.ppc64le.rpm bluez-libs-devel-5.56-1.el8.ppc64le.rpm bluez-obexd-debuginfo-5.56-1.el8.ppc64le.rpm s390x: bluez-cups-debuginfo-5.56-1.el8.s390x.rpm bluez-debuginfo-5.56-1.el8.s390x.rpm bluez-debugsource-5.56-1.el8.s390x.rpm bluez-hid2hci-debuginfo-5.56-1.el8.s390x.rpm bluez-libs-debuginfo-5.56-1.el8.s390x.rpm bluez-libs-devel-5.56-1.el8.s390x.rpm bluez-obexd-debuginfo-5.56-1.el8.s390x.rpm x86_64: bluez-cups-debuginfo-5.56-1.el8.i686.rpm bluez-cups-debuginfo-5.56-1.el8.x86_64.rpm bluez-debuginfo-5.56-1.el8.i686.rpm bluez-debuginfo-5.56-1.el8.x86_64.rpm bluez-debugsource-5.56-1.el8.i686.rpm bluez-debugsource-5.56-1.el8.x86_64.rpm bluez-hid2hci-debuginfo-5.56-1.el8.i686.rpm bluez-hid2hci-debuginfo-5.56-1.el8.x86_64.rpm bluez-libs-debuginfo-5.56-1.el8.i686.rpm bluez-libs-debuginfo-5.56-1.el8.x86_64.rpm bluez-libs-devel-5.56-1.el8.i686.rpm bluez-libs-devel-5.56-1.el8.x86_64.rpm bluez-obexd-debuginfo-5.56-1.el8.i686.rpm bluez-obexd-debuginfo-5.56-1.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-26558 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYrdt9zjgjWX9erEAQj3Kg//RFuvdDqQfdw3Wm00uS+qmxOaUzvG5OVO XrSpoMb5VcrJRKTBY3u4ObfU1+yGJ5iF2wGwxgu6QF4tLUwC/OPSCgvS0lifTcEy OkvBnkR06tBsGTjBmN8wyHQTEGVdFLlFU+sbC+yKjHmF31o6ZgDD7VZV/wuzqSGk ZPR39CzfnnnTzLz2QvrYJZZ/tpgvS5qOTebP/qEmQCuwmRJeTaY+pgj28e8njQjU NMqAcR7/kPX6LIYzdhQgEOCWZ9imxjoYAwY/VMu9T23zuyTkRTQtCC8Q5GJgATRV qD4adxIeyJSvvMzJf6VkvzXu32AWira9oFgFPiYwjEYVJcMmGKZGJx94a1mu2Rs8 TFi3+iuVAdHE1S9NJ54nfxkjnVs6XKDIITNIZkl+isfQEtkkUBfeVcK6U/57wCKN jgvUtrcQpqNH86x3Uu4W//eFlXQrbfzsogDx10d/jSk+PPg60mP6Fzcad8PTgr/H vZygkT1bLbY7lOXejiVnJ8+otIv7tK+XzajDvQwgwC+9IigncMygiSS0SelVht4U rvdqIKs2btFOBk+GhUzEMogaGFDqRUpFKIEFFVtL6d3Uvr4rgDHjMewKdU9v11ED 94Cg3wX0XFYvrnRS1Lxx9m1vuWtevD4EyZLSxcAEMLSXEMoa2c8f7Y6gxb7PGAKb irY79RTeDm4=R6rn -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Software Description: - bluez: Bluetooth tools and daemons Details: It was discovered that BlueZ incorrectly checked certain permissions when pairing. (CVE-2020-26558) Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT events. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27153) Ziming Zhang discovered that BlueZ incorrectly handled certain array indexes. ========================================================================= Ubuntu Security Notice USN-5046-1 August 18, 2021 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.11, linux-oracle, linux-raspi vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.04 - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi (V8) systems - linux-hwe-5.11: Linux hardware enablement (HWE) kernel Details: It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: linux-image-5.11.0-1013-azure 5.11.0-1013.14 linux-image-5.11.0-1016-aws 5.11.0-1016.17 linux-image-5.11.0-1016-oracle 5.11.0-1016.17 linux-image-5.11.0-1016-raspi 5.11.0-1016.17 linux-image-5.11.0-1016-raspi-nolpae 5.11.0-1016.17 linux-image-5.11.0-1017-gcp 5.11.0-1017.19 linux-image-5.11.0-31-generic 5.11.0-31.33 linux-image-5.11.0-31-generic-64k 5.11.0-31.33 linux-image-5.11.0-31-generic-lpae 5.11.0-31.33 linux-image-5.11.0-31-lowlatency 5.11.0-31.33 linux-image-aws 5.11.0.1016.17 linux-image-azure 5.11.0.1013.14 linux-image-gcp 5.11.0.1017.17 linux-image-generic 5.11.0.31.33 linux-image-generic-64k 5.11.0.31.33 linux-image-generic-lpae 5.11.0.31.33 linux-image-gke 5.11.0.1017.17 linux-image-lowlatency 5.11.0.31.33 linux-image-oem-20.04 5.11.0.31.33 linux-image-oracle 5.11.0.1016.17 linux-image-raspi 5.11.0.1016.14 linux-image-raspi-nolpae 5.11.0.1016.14 linux-image-virtual 5.11.0.31.33 Ubuntu 20.04 LTS: linux-image-5.11.0-27-generic 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic-64k 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic-lpae 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-lowlatency 5.11.0-27.29~20.04.1 linux-image-generic-64k-hwe-20.04 5.11.0.27.29~20.04.11 linux-image-generic-hwe-20.04 5.11.0.27.29~20.04.11 linux-image-generic-lpae-hwe-20.04 5.11.0.27.29~20.04.11 linux-image-lowlatency-hwe-20.04 5.11.0.27.29~20.04.11 linux-image-virtual-hwe-20.04 5.11.0.27.29~20.04.11 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well

Trust: 2.34

sources: NVD: CVE-2020-26558 // JVNDB: JVNDB-2021-007333 // VULMON: CVE-2020-26558 // PACKETSTORM: 168567 // PACKETSTORM: 164844 // PACKETSTORM: 163184 // PACKETSTORM: 163186 // PACKETSTORM: 163598 // PACKETSTORM: 163905 // PACKETSTORM: 163877

IOT TAXONOMY

category:

['network device']

sub_category:

bluetooth device

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	intel	model:	ac 3165	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ax200	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.13	Trust: 1.0
vendor:	bluetooth	model:	core specification	scope:	lte	version:	5.2	Trust: 1.0
vendor:	intel	model:	ac 9260	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ac 3168	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ac 7265	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ax210	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ac 9462	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ax201	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ac 8260	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	intel	model:	ac 1550	scope:	eq	version:	-	Trust: 1.0
vendor:	bluetooth	model:	core specification	scope:	gte	version:	2.1	Trust: 1.0
vendor:	intel	model:	ac 9560	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ac 8265	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ax1675	scope:	eq	version:	-	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	intel	model:	ac 9461	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	ax1650	scope:	eq	version:	-	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	bluetooth sig	model:	core specification	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-007333 // NVD: CVE-2020-26558

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-26558
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-26558
value:	MEDIUM
Trust: 0.8
VULMON:	CVE-2020-26558
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-26558
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	5.5
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2020-26558
baseSeverity:	MEDIUM
baseScore:	4.2
vectorString:	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	1.6
impactScore:	2.5
version:	3.1
Trust: 1.0
NVD:	CVE-2020-26558
baseSeverity:	MEDIUM
baseScore:	4.2
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2020-26558 // JVNDB: JVNDB-2021-007333 // NVD: CVE-2020-26558

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.0
problemtype:	Inappropriate authentication (CWE-287) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-007333 // NVD: CVE-2020-26558

THREAT TYPE

local

Trust: 0.3

sources: PACKETSTORM: 163184 // PACKETSTORM: 163186 // PACKETSTORM: 163598

TYPE

arbitrary

Trust: 0.4

sources: PACKETSTORM: 163184 // PACKETSTORM: 163598 // PACKETSTORM: 163905 // PACKETSTORM: 163877

PATCH

title:	Reporting Security Vulnerabilities Fedora ProjectFedora Update Notification	url:	https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/	Trust: 0.8
title:	Red Hat: CVE-2020-26558	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2020-26558	Trust: 0.1
title:	Debian CVElist Bug Report Logs: bluez: CVE-2021-0129 CVE-2020-26558	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=0634986a83e749d947f670c2c6fc6f8a	Trust: 0.1
title:	Debian Security Advisories: DSA-4951-1 bluez -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=022b2816062a8ca433d97ca2e73731f3	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-26558 log	Trust: 0.1
title:	CVE-2020-26558	url:	https://github.com/AlAIAL90/CVE-2020-26558	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/bluetooth-flaws-allow-attackers-to-impersonate-legitimate-devices/	Trust: 0.1

sources: VULMON: CVE-2020-26558 // JVNDB: JVNDB-2021-007333

EXTERNAL IDS

db:	NVD	id:	CVE-2020-26558	Trust: 3.5
db:	CERT/CC	id:	VU#799380	Trust: 1.9
db:	ICS CERT	id:	ICSA-24-074-07	Trust: 0.8
db:	JVN	id:	JVNVU99594334	Trust: 0.8
db:	JVN	id:	JVNVU99965981	Trust: 0.8
db:	JVN	id:	JVNVU93656033	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-007333	Trust: 0.8
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULMON	id:	CVE-2020-26558	Trust: 0.1
db:	PACKETSTORM	id:	168567	Trust: 0.1
db:	PACKETSTORM	id:	164844	Trust: 0.1
db:	PACKETSTORM	id:	163184	Trust: 0.1
db:	PACKETSTORM	id:	163186	Trust: 0.1
db:	PACKETSTORM	id:	163598	Trust: 0.1
db:	PACKETSTORM	id:	163905	Trust: 0.1
db:	PACKETSTORM	id:	163877	Trust: 0.1

sources: OTHER: None // VULMON: CVE-2020-26558 // PACKETSTORM: 168567 // PACKETSTORM: 164844 // PACKETSTORM: 163184 // PACKETSTORM: 163186 // PACKETSTORM: 163598 // PACKETSTORM: 163905 // PACKETSTORM: 163877 // JVNDB: JVNDB-2021-007333 // NVD: CVE-2020-26558

REFERENCES

url:	https://kb.cert.org/vuls/id/799380	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2020-26558	Trust: 1.5
url:	https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/	Trust: 1.1
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html	Trust: 1.1
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html	Trust: 1.1
url:	https://security.gentoo.org/glsa/202209-16	Trust: 1.1
url:	https://www.debian.org/security/2021/dsa-4951	Trust: 1.0
url:	https://www.kb.cert.org/vuls/id/799380	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nss6ctge4ugtjlcozoasdr3t3sll6qjz/	Trust: 1.0
url:	https://jvn.jp/vu/jvnvu99965981/	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99594334/	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93656033/index.html	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-26558	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3588	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27153	Trust: 0.2
url:	https://ubuntu.com/security/notices/usn-4989-1	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28691	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3564	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3573	Trust: 0.2
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/nss6ctge4ugtjlcozoasdr3t3sll6qjz/	Trust: 0.1
url:	https://github.com/alaial90/cve-2020-26558	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0204	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://access.redhat.com/security/team/key/	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:4432	Trust: 0.1
url:	https://bugzilla.redhat.com/):	Trust: 0.1
url:	https://access.redhat.com/security/team/contact/	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bluez/5.56-0ubuntu4.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bluez/5.53-0ubuntu3.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bluez/5.55-0ubuntu1.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bluez/5.48-0ubuntu3.5	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-4989-2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1021.22	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1049.53~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1049.53	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1052.56~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1041.45	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1044.46	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5017-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1049.52~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-80.90~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1054.57~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1055.57	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1052.56	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1049.52	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33909	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1055.57~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1054.57	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.4.0-80.90	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1021.22~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1041.45~18.04.1	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5050-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.8/5.8.0-1042.44~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.8/5.8.0-1038.39~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.8/5.8.0-1039.41	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-38208	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1040.43~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.11.0-1013.14	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.11.0-1017.19	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.11.0-31.33	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.11/5.11.0-27.29~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.11.0-1016.17	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.11.0-1016.17	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5046-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3587	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.11.0-1016.17	Trust: 0.1

CREDITS

Ubuntu

Trust: 0.5

sources: PACKETSTORM: 163184 // PACKETSTORM: 163186 // PACKETSTORM: 163598 // PACKETSTORM: 163905 // PACKETSTORM: 163877

SOURCES

db:	OTHER	id:	-
db:	VULMON	id:	CVE-2020-26558
db:	PACKETSTORM	id:	168567
db:	PACKETSTORM	id:	164844
db:	PACKETSTORM	id:	163184
db:	PACKETSTORM	id:	163186
db:	PACKETSTORM	id:	163598
db:	PACKETSTORM	id:	163905
db:	PACKETSTORM	id:	163877
db:	JVNDB	id:	JVNDB-2021-007333
db:	NVD	id:	CVE-2020-26558

LAST UPDATE DATE

2026-04-17T20:00:28.779000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2020-26558	date:	2021-08-07T00:00:00
db:	JVNDB	id:	JVNDB-2021-007333	date:	2024-03-22T07:16:00
db:	NVD	id:	CVE-2020-26558	date:	2025-11-04T20:15:58.053

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2020-26558	date:	2021-05-24T00:00:00
db:	PACKETSTORM	id:	168567	date:	2022-09-30T14:52:58
db:	PACKETSTORM	id:	164844	date:	2021-11-10T17:05:47
db:	PACKETSTORM	id:	163184	date:	2021-06-17T17:45:55
db:	PACKETSTORM	id:	163186	date:	2021-06-17T17:49:44
db:	PACKETSTORM	id:	163598	date:	2021-07-21T16:04:36
db:	PACKETSTORM	id:	163905	date:	2021-08-24T15:17:06
db:	PACKETSTORM	id:	163877	date:	2021-08-18T15:28:00
db:	JVNDB	id:	JVNDB-2021-007333	date:	2022-02-08T00:00:00
db:	NVD	id:	CVE-2020-26558	date:	2021-05-24T18:15:07.930