VYPR

Bluetooth Mesh profile

by Bluetooth SIG

CVEs (4)

  • CVE-2020-26556May 24, 2021
    risk 0.00cvss epss 0.01

    Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable…

  • CVE-2020-26557May 24, 2021
    risk 0.00cvss epss 0.01

    Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each…

  • CVE-2020-26559May 24, 2021
    risk 0.00cvss epss 0.01

    Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning…

  • CVE-2020-26560May 24, 2021
    risk 0.00cvss epss 0.01

    Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.