Bluetooth Connectivity Vulnerability in HTC Devices Running Windows Mobile
CVE-2008-4295

Currently unrated

Key Information:

Vendor
Microsoft
Status
Windows Mobile
Vendor
CVE Published:
27 September 2008

Summary

The vulnerability arises when Microsoft Windows Mobile 6.0 on specific HTC devices fails to manage the first Bluetooth connection attempt properly if a peer device presents a lengthy Bluetooth name. This oversight can be exploited by remote attackers who either connect directly with a tailored Bluetooth device or wait for the system to scan for nearby devices. The result is a forced reboot of the affected devices, disrupting normal operations and potentially leading to data loss.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45463
vdb-entryx_refsource_XF
http://secunia.com/advisories/32066
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/31420
vdb-entryx_refsource_BID

EPSS Score

40% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-4295 : Bluetooth Connectivity Vulnerability in HTC Devices Running Windows Mobile | SecurityVulnerability.io