#VU53583 Security features bypass in Bluetooth Mesh profile - CVE-2020-26559
Published: May 26, 2021 / Updated: January 26, 2022
Vulnerability identifier: #VU53583
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-26559
CWE-ID: CWE-254
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Bluetooth Mesh profile
Bluetooth Mesh profile
Software vendor:
Bluetooth SIG, Inc.
Bluetooth SIG, Inc.
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the leak of AuthValue in the Mesh Provisioning procedure. A remote attacker on the local network can perform a brute-force attack to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.