CVE Tools

bluetooth

ICS / OT / IoToss-project

7

Cumulative CVEs

2

Monthly snapshots

#42

Peak rank

Top products

mesh profile4 bluetooth core specification3

Latest CVEs

The 15 most recently published vulnerabilities affecting bluetooth.

CVE-2023-24023Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key len...6.8Nov 28, 2023
CVE-2022-24695Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-a...4.3Jun 2, 2023
CVE-2022-25837Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one devic...7.5Dec 12, 2022
CVE-2022-25836Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM...7.5Dec 12, 2022
CVE-2020-35473An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifica...4.3Nov 8, 2022
CVE-2021-31615Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening ...5.3Jun 25, 2021
CVE-2020-26559Untitled vulnerability8.8May 24, 2021
CVE-2020-26555Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing wit...5.4May 24, 2021
CVE-2020-26556Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioni...7.5May 24, 2021
CVE-2020-26557Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a bru...7.5May 24, 2021
CVE-2020-26558Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey aut...4.2May 24, 2021
CVE-2020-26560Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without pos...8.1May 24, 2021
CVE-2020-15802Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticate...5.9Sep 11, 2020
CVE-2020-10135Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks5.4May 19, 2020
CVE-2020-10134Bluetooth devices supporting LE and specific BR/EDR implementations are vulnerable to method confusion attacks6.3May 19, 2020