Vigil@nce - Bluetooth BR/EDR: information disclosure via Key Negotiation
October 2019 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer/Computer...
SYNTHESIS OF THE VULNERABILITY
Impacted products: iOS by Apple, iPhone, Mac OS X, Cisco IP Phone,
Debian, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows
2012, Windows 2016, Windows 2019, Windows 7, Windows 8, Windows
RT, openSUSE Leap, RHEL, Synology DSM, Ubuntu.
Consequences: data reading.
Provenance: radio connection.
Confidence: confirmed by the editor (5/5).
Creation date: 14/08/2019.
DESCRIPTION OF THE VULNERABILITY
An attacker can bypass access restrictions to data via Key Negotiation of Bluetooth BR/EDR, in order to obtain sensitive information.
ACCESS TO THE FULL VIGIL@NCE BULLETIN