What is CVE-2020-15802?

CVE-2020-15802 is a vulnerability in N/a. Published 2020-09-11.

Is CVE-2020-15802 known to be exploited?

14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one tra…

EPSS: 0.558 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

francozappa/blur
404notf0und/CVE-Flow
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
CerberusMrX/Advanced-Bluetooth-Penetration-Testing-Tool
Charmve/BLE-Security-Attack-Defence
Essen-Lin/Practice-of-the-Attack-and-Defense-of-Computers_
JeffroMF/awesome-bluetooth-security321
Live-Hack-CVE/CVE-2020-15802
TinyNiko/android_

References

www.kb.cert.org/vuls/id/589825 (x_refsource_MISC)
gizmodo.com/bluetooth-unveils-its-latest-security-issue-with-no-se-1845013709 (x_refsource_MISC)
www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security… (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-15802?: CVE-2020-15802 is a vulnerability in N/a. Published 2020-09-11.
Is CVE-2020-15802 known to be exploited?: 14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.