#VU23113 Permissions, Privileges, and Access Controls in BlueZ - CVE-2018-10910

Cybersecurity Help s.r.o.

Published: 2019-12-02

Vulnerability identifier: #VU23113

Vulnerability risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10910

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
BlueZ
Universal components / Libraries / Libraries used by multiple products

Vendor: BlueZ Project

Description

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists in BlueZ due to an error that may allow an attacker to turn on the Bluetooth Discoverable state, when no Bluetooth agent is registered with the system. A remote attacker with physical proximity to the device can remotely turn on Bluetooth agent and access the device without authorization in some cases.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BlueZ: 5.0 - 5.50

External links
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10910

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

openEuler 20.03 LTS update for bluez-5.50-8

Red Hat Enterprise Linux 8 update for bluez

Red Hat Enterprise Linux 7 update for bluez

Security restrictions bypass in Bluez