---

CVE-2020-26556 - log back

CVE-2020-26556 edited at 26 May 2021 19:58:09
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Private key recovery
Description	+ Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1960012 + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/

CVE-2020-26556 created at 26 May 2021 19:55:42
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes