CVE-2020-26558

CVE Database · CVE-2020-26558

CVE-2020-26558

· MEDIUMModified

CVSS v3.1

4.2

EPSS

0.87%

Published

May 24, 2021

Modified

Nov 4, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.

CVSS Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Weaknesses (CWE)

CWE-287

Affected Products (34)

bluetooth · bluetooth_core_specificationvulnerable

fedoraproject · fedoravulnerable

debian · debian_linuxvulnerable

linux · linux_kernel (up to 5.13)vulnerable

intel · ax210_firmwarevulnerable

intel · ax210

intel · ax201_firmwarevulnerable