CVE-2018-5383
Severity: MEDIUM
Tags: EXPLOITED, RANSOMWARE
Title: Android - Missing Elliptic Curve Public Key Validation in Bluetooth Key Exchange
Title source: llm
Exploitation Summary
CVE-2018-5383 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.
Description
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. Bluetooth Secure Simple Pairing and LE Secure Connections derive the link key from an ECDH exchange on NIST P-256; the missing step (CWE-325) is checking that the public key received from the peer is actually a point on that curve. Without that check, an attacker within radio range who can intercept and modify the public keys exchanged during pairing can steer the shared secret into a small, predictable set and so recover the resulting key. The Bluetooth SIG update listed in the references changed the specification to require validation of every received public key.
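The following is an added illustration, not code from any vendor or from the referenced advisories: toy (non-constant-time) P-256 arithmetic showing why an unvalidated public key is dangerous. The curve constants are the standard NIST P-256 domain parameters; the sample private keys and the helper names (ecdh_x, simulate_exchange, zero_y, validate_public_key) are made up here. Under the usual affine formulas a point (x, 0) behaves as an element of order 2, so multiplying it by a private key yields either the identity or (x, 0) itself, depending only on the key's parity; the fixed-coordinate attack in the Technion reference builds on exactly that by replacing the y-coordinate of the in-flight public keys with 0. P-256 has prime (odd) order, so no such point lies on the curve and a plain on-curve check rejects it.

```python
"""Added example: unvalidated vs validated ECDH on P-256 (illustration only)."""

# NIST P-256 domain parameters (the curve used by Bluetooth SSP / LE Secure Connections).
P256_P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
P256_A = P256_P - 3
P256_B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
P256_N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
P256_G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
          0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)
INFINITY = None  # group identity


def is_on_curve(point):
    """True iff point is an affine point with y^2 == x^3 + a*x + b (mod p)."""
    if point is INFINITY:
        return False
    x, y = point
    if not (0 <= x < P256_P and 0 <= y < P256_P):
        return False
    return (y * y - (x * x * x + P256_A * x + P256_B)) % P256_P == 0


def validate_public_key(point):
    """The missing step (CWE-325). P-256 has cofactor 1, so on-curve and
    not-infinity is the whole check; curves with a cofactor also need a
    subgroup-membership check."""
    if not is_on_curve(point):
        raise ValueError("peer public key is not a point on P-256")


def point_add(p1, p2):
    """Affine group law. Doubling a point with y == 0 gives INFINITY."""
    if p1 is INFINITY:
        return p2
    if p2 is INFINITY:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P256_P == 0:
            return INFINITY  # p1 == -p2, which covers p1 == p2 == (x, 0)
        lam = (3 * x1 * x1 + P256_A) * pow(2 * y1, -1, P256_P) % P256_P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P256_P) % P256_P
    x3 = (lam * lam - x1 - x2) % P256_P
    y3 = (lam * (x1 - x3) - y1) % P256_P
    return (x3, y3)


def scalar_mult(k, point):
    """Right-to-left double-and-add (not constant-time)."""
    result = INFINITY
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def public_key(d):
    return scalar_mult(d, P256_G)


def ecdh_x(d, peer_public, validate=True):
    """x-coordinate of d * peer_public (the DHKey material). validate=False mimics
    the vulnerable stacks; None stands for INFINITY, which a real stack would map
    to some fixed value the attacker also knows."""
    if validate:
        validate_public_key(peer_public)
    shared = scalar_mult(d, peer_public)
    return None if shared is INFINITY else shared[0]


def zero_y(point):
    """What an on-air attacker sends instead of the real public key."""
    return (point[0], 0)


def simulate_exchange(d_a, d_b, tamper, validate):
    """Two parties exchange public keys; with tamper=True the attacker zeroes y.
    Returns (key material derived by A, key material derived by B)."""
    pub_a, pub_b = public_key(d_a), public_key(d_b)
    recv_b = zero_y(pub_b) if tamper else pub_b  # what A receives
    recv_a = zero_y(pub_a) if tamper else pub_a  # what B receives
    return ecdh_x(d_a, recv_b, validate), ecdh_x(d_b, recv_a, validate)


# Constructed sample private keys in [1, n-1]: A's is even, B's is odd, so the
# tampered run shows both outcomes (identity for A, attacker-chosen x for B).
D_A = 0x2A4B6C8D1E2F3A4B5C6D7E8F9A0B1C2D3E4F5A6B7C8D9E0F1A2B3C4D5E6F7A82
D_B = 0x0F1E2D3C4B5A69788796A5B4C3D2E1F00F1E2D3C4B5A69788796A5B4C3D2E1F1

if __name__ == "__main__":
    a, b = simulate_exchange(D_A, D_B, tamper=False, validate=True)
    print("honest exchange agrees:", a == b)
    a, b = simulate_exchange(D_A, D_B, tamper=True, validate=False)
    print("vulnerable stack: A ->", a, "B ->", None if b is None else hex(b))
    try:
        simulate_exchange(D_A, D_B, tamper=True, validate=True)
    except ValueError as err:
        print("fixed stack:", err)
```

In the tampered, unvalidated run each side ends up with one of two values the attacker can predict from the parity of that side's private key; the validated run never reaches the arithmetic because the on-curve check fails first. The check costs one field equation per received key and belongs before any scalar multiplication in any ECDH implementation, not only Bluetooth.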
References (12)
Mitigation, Third Party Advisory (misc): http://www.cs.technion.ac.il/~biham/BT/
Third Party Advisory, VDB Entry (SecurityTracker): http://www.securitytracker.com/id/1041432
Third Party Advisory, US Government Resource (CERT/CC): https://www.kb.cert.org/vuls/id/304725
Vendor Advisory (Bluetooth SIG): https://www.bluetooth.com/news/unknown/2018/07/bluetooth-sig-security-update
Third Party Advisory, VDB Entry (BID): http://www.securityfocus.com/bid/104879
Mailing List (Debian LTS): https://lists.debian.org/debian-lts-announce/2019/04/msg00005.html
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2019:2169
Vendor Advisory (Ubuntu): https://usn.ubuntu.com/4094-1/
Vendor Advisory (Ubuntu): https://usn.ubuntu.com/4095-2/
Vendor Advisory (Ubuntu): https://usn.ubuntu.com/4095-1/
Vendor Advisory (Ubuntu): https://usn.ubuntu.com/4118-1/
Vendor Advisory (Ubuntu): https://usn.ubuntu.com/4351-1/
Scores
CVSS v3: 6.8 (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
Attack Vector: ADJACENT_NETWORK
EPSS: 0.0080 (percentile 51.8%)
Details
VulnCheck KEV: 2020-02-25
Ransomware Use: Confirmed
CWE: CWE-325, CWE-347
Status: published
Products (10)
apple/iphone_os < 11.4
apple/mac_os_x < 10.13
google/android 6.0
google/android 6.0.1
google/android 7.0
google/android 7.1.1
google/android 7.1.2
google/android 8.0
google/android 8.1
ti/wl18xx_bluetooth_service_pack < 4.3
Published: Aug 07, 2018
Tracked Since: Feb 18, 2026