Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:44
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Oct 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key | |
References |
|
|
29 Dec 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Windows Bluetooth Security Feature Bypass Vulnerability | |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 7.7 |
Information
Published : 2021-01-12 20:15
Updated : 2024-11-21 05:44
NVD link : CVE-2021-1638
Mitre link : CVE-2021-1638
CVE.ORG link : CVE-2021-1638
JSON object : View
Products Affected
microsoft
- windows_server_2019
- windows_10
- windows_server_2016
CWE