Podatność CVE-2019-9506


Publikacja: 2019-08-14

Opis:
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

Typ:

CWE-310

(Cryptographic Issues)

Producent: Apple
Produkt: Watchos 
Wersje: 5.3;
Produkt: Iphone os 
Wersje: 12.4;
Produkt: TVOS 
Wersje: 12.4;
Produkt: Mac os x 
Wersje:
10.14.5
10.13.6
10.12.6
Producent: Google
Produkt: Android 

CVSS2 => (AV:A/AC:L/Au:N/C:P/I:P/A:N)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
4.8/10
4.9/10
6.5/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Sieć lokalna
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Częściowy
Częściowy
Brak

 Referencje:
http://seclists.org/fulldisclosure/2019/Aug/11
http://seclists.org/fulldisclosure/2019/Aug/13
http://seclists.org/fulldisclosure/2019/Aug/14
http://seclists.org/fulldisclosure/2019/Aug/15
http://www.cs.ox.ac.uk/publications/publication12404-abstract.html
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en
https://usn.ubuntu.com/4115-1/
https://usn.ubuntu.com/4118-1/
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
https://www.kb.cert.org/vuls/id/918987/
https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli

Podobne CVE
CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local appli...
CVE-2019-2187
In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2019-2186
In GetMBheader of combined_decode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product...
CVE-2019-2185
In VlcDequantH263IntraBlock_SH of vlc_dequant.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploita...
CVE-2019-2184
In PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for expl...
CVE-2019-2183
In generateServicesMap of RegisteredServicesCache.java, there is a possible account protection bypass due to a caching optimization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is n...
CVE-2019-2173
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ...
CVE-2019-16508
The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intenti...

Copyright 2019, cxsecurity.com

 

Back to Top