CVE-2019-9506

Severity

48%

Complexity

65%

Confidentiality

81%

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

CVSS 3.0 Base Score 8.1. CVSS Attack Vector: adjacent_network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

CVSS 2.0 Base Score 4.8. CVSS Attack Vector: adjacent_network. CVSS Attack Complexity: low. CVSS Vector: (AV:A/AC:L/Au:N/C:P/I:P/A:N).

Overview

Type

Apple

First reported 5 years ago

2019-08-14 17:15:00

Last updated 5 years ago

2019-08-28 11:15:00

Affected Software

Apple iPhone OS 12.4

Apple Mac OS X 10.12.6

Apple Mac OS X 10.13.6

Apple Mac OS X 10.14.5

Apple tvOS 12.4

Apple WatchOS 5.3

References

openSUSE-SU-2019:2308

openSUSE-SU-2019:2307

20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra

Mailing List, Third Party Advisory

20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4

Mailing List, Third Party Advisory

20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3

Mailing List, Third Party Advisory

20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4

Mailing List, Third Party Advisory

http://www.cs.ox.ac.uk/publications/publication12404-abstract.html

Third Party Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en

RHSA-2019:2975

RHSA-2019:3055

RHSA-2019:3076

RHSA-2019:3089

RHSA-2019:3165

RHSA-2019:3187

RHSA-2019:3217

RHSA-2019:3218

RHSA-2019:3220

RHSA-2019:3231

RHSA-2019:3309

RHSA-2019:3517

RHSA-2020:0204

[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update

[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update

[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update

USN-4115-1

USN-4118-1

USN-4147-1

https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/

Third Party Advisory

VU#918987

Third Party Advisory, US Government Resource

https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli

Third Party Advisory
