Vulnerability CVE-2018-5383


Published: 2018-08-07

Description:
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

Type:

CWE-310

(Cryptographic Issues)

Vendor: Apple
Product: Iphone os 
Version:
9.3.5
9.3.4
9.3.3
9.3.2
9.3.1
9.3
9.2.1
9.2
9.1
9.0.2
9.0.1
9.0
8.4.1
8.2
8.1.3
8.1.2
8.1
8.0.2
8.0.1
8.0
7.1.2
7.1.1
7.1
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0
6.1.6
6.1.5
6.1.4
6.1.3
6.1.2
6.1
6.0.2
6.0.1
6.0
5.1.1
5.1
5.0.1
5.0
4.3.5
4.3.3
4.3.2
4.3.1
4.3.0
4.2.8
4.2.5
4.2.1
4.1
4.0.2
4.0.1
4.0
3.2.2
3.2.1
3.2
3.1.3
3.1.2
3.1
3.0.1
3.0
2.2.1
2.2
2.1.1
2.1
2.0.2
2.0.1
2.0.0
2.0
11.3.1
11.3
11.2.6
11.2.5
11.2.2
11.2.1
11.2
11.1.2
11.1.1
11.1
11.0.3
11.0.2
11.0.1
11.0
See more versions on NVD
Product: Mac os x 
Version:
10.9.5
10.9.4
10.9.3
10.9.2
10.9.1
10.9
10.8.5
10.8.4
See more versions on NVD
Vendor: Google
Product: Android 
Version:
8.1
8.0
7.1.2
7.1.1
7.0
6.0.1
6.0
See more versions on NVD

CVSS2 => (AV:A/AC:M/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
4.9/10
5.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
http://www.cs.technion.ac.il/~biham/BT/
http://www.securityfocus.com/bid/104879
http://www.securitytracker.com/id/1041432
https://www.bluetooth.com/news/unknown/2018/07/bluetooth-sig-security-update
https://www.kb.cert.org/vuls/id/304725

Related CVE
CVE-2019-5783
Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page.
CVE-2019-5782
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-5781
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5780
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
CVE-2019-5779
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-5777
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5776
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5775
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

Copyright 2019, cxsecurity.com

 

Back to Top