Bluetooth Bluetooth Core Specification — known CVE vulnerabilities
Every CVE whose affected-product data names Bluetooth Bluetooth Core Specification, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2022-25836 — CVSS 7.5 (high): Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials…
CVE-2020-26556 — CVSS 7.5 (high): Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack…
CVE-2022-25837 — CVSS 7.5 (high): Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two…
CVE-2023-24023 — CVSS 6.8 (medium): Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow…
CVE-2020-15802 — CVSS 5.9 (medium): Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth…
CVE-2020-26555 — CVSS 5.4 (medium): Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to…
CVE-2021-31615 — CVSS 5.3 (medium): Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a…
CVE-2022-24695 — CVSS 4.3 (medium): Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in…
CVE-2020-35473 — CVSS 4.3 (medium): An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through…
CVE-2020-26558 — CVSS 4.2 (medium): Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to…