Bluetooth BR/EDR devices with Secure Simple Pairing and...
Moderate severity
Unreviewed
Published
Nov 28, 2023
to the GitHub Advisory Database
•
Updated Apr 11, 2024
Description
Published by the National Vulnerability Database
Nov 28, 2023
Published to the GitHub Advisory Database
Nov 28, 2023
Last updated
Apr 11, 2024
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
References