Tech »  Topic »  New Bluetooth Vulnerability Leak, Your Passcode to Hackers During Pairing

New Bluetooth Vulnerability Leak, Your Passcode to Hackers During Pairing


Decoding Compliance With CISOs

A recently discovered vulnerability in Bluetooth technology has raised significant security concerns.

This flaw could allow hackers to intercept passcodes during the device pairing process, affecting a wide range of Bluetooth devices and potentially having far-reaching implications for users worldwide.

The Vulnerability: CVE-2020-26558

The vulnerability, CVE-2020-26558, is found in devices supporting the Passkey Entry association model in various Bluetooth Core Specifications, ranging from version 2.1 to 5.4. It affects BR/EDR Secure Simple Pairing and LE Secure Connections Pairing protocols.

The flaw arises when a device accepts a public key from a remote peer with the same X coordinate as the public key it provided but with an opposite sign for the Y coordinate.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try It for Free

This oversight allows a man-in-the-middle (MITM) attacker to exploit the pairing process. Responding with ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE