Severity Rating: Medium 
Systems Affected 
• All Bluetooth devices supporting BR/EDR Core Configurations version 5.2 and prior
Overview 
A vulnerability has been reported in the Bluetooth protocol which could be
exploited by an adjacent attacker to perform a spoofing attack (BIAS),
impersonating the address of a previously paired remote device.

Description
Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations are
used for low-power short-range communications. To establish an encrypted
connection, two Bluetooth devices must pair with each other using a link
key. 
An attacker with physical access to the Bluetooth connection could perform
a spoofing attack impersonating the address of a previously paired remote
device. This attack may result in the attacking device completing the
authentication procedure successfully despite not possessing the link key. 

This vulnerability, in turn, could permit an attacker to initiate the
Bluetooth Key Negotiation (KNOB) attack more efficiently, potentially
gaining full access as the remote paired device.

Solution 
It is highly recommended that end users apply the latest update.
Bluetooth host and controller suppliers should refer to the Bluetooth SIG
for guidance on updating their products.
oth-security/bias-vulnerability/ 

CVE Name
CVE-2020-10135
