← volver
CVE-2022-24695

CVE-2022-24695

CVSS 4.3 MEDIUMEPSS 0.4%CWE-203
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
02 jun 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with device capabilities and identifiers, some of which may contain identifying information about the device owner. This additionally allows the attacker to establish a connection to the target device.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://sp2023.ieee-security.org/program-papers.htmlhttps://www.bluetooth.com/specifications/specs/core-specification/https://www.computer.org/csdl/proceedings-article/sp/2023/933600a521/1He7Yja1AYM