CVE-2020-10370

HIGH

8.8

Description

Certain Cypress (and Broadcom) Wireless Combo chips such as CYW43455, when a 2021-01-26 Bluetooth firmware update is not present, allow a Bluetooth outage via a "Spectra" attack.

CVE Details

CVSS v3.1 Score8.8

SeverityHIGH

CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorADJACENT_NETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published11/11/2024

Last Modified1/27/2025

Sourcenvd

Honeypot Sightings0

References

https://bugzilla.redhat.com/show_bug.cgi?id=2052676(cve@mitre.org)

https://github.com/RPi-Distro/bluez-firmware/commit/8445a53ce2c51a77472b908a0c8f6f8e1fa5c37a(cve@mitre.org)

https://security-tracker.debian.org/tracker/CVE-2020-10370(cve@mitre.org)

https://www.informatik.tu-darmstadt.de/fb20/aktuelles_fb20/fb20_neuigkeiten/neuigkeiten_fb20_details_203136.de.jsp(cve@mitre.org)

https://www.informatik.tu-darmstadt.de/seemoo/team_seemoo/jiska_classen/index.en.jsp(cve@mitre.org)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.