Description
In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://drive.google.com/open?id=0B5L-0MoH_v7fcGljUS1SYnlkOHM
Scores
CVSS v3
5.7
EPSS
0.0029
EPSS Percentile
20.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
google/android
Published
Jan 18, 2018
Tracked Since
Feb 18, 2026