CVE-2020-10370

HIGH

8.8

Description

Certain Cypress (and Broadcom) Wireless Combo chips such as CYW43455, when a 2021-01-26 Bluetooth firmware update is not present, allow a Bluetooth outage via a "Spectra" attack.

Details CVE

Score CVSS v3.18.8

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueADJACENT_NETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie11/11/2024

Derniere modification1/27/2025

Sourcenvd

Observations honeypot0

References

https://bugzilla.redhat.com/show_bug.cgi?id=2052676(cve@mitre.org)

https://github.com/RPi-Distro/bluez-firmware/commit/8445a53ce2c51a77472b908a0c8f6f8e1fa5c37a(cve@mitre.org)

https://security-tracker.debian.org/tracker/CVE-2020-10370(cve@mitre.org)

https://www.informatik.tu-darmstadt.de/fb20/aktuelles_fb20/fb20_neuigkeiten/neuigkeiten_fb20_details_203136.de.jsp(cve@mitre.org)

https://www.informatik.tu-darmstadt.de/seemoo/team_seemoo/jiska_classen/index.en.jsp(cve@mitre.org)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.