Bluetooth Vulnerability in Bluez Affects Multiple Versions
CVE-2018-10910

4.5MEDIUM

Key Information:

Vendor: The Bluez Project
Status: Bluez
Vendor: CVE Published:; 28 January 2019

🔔 Create The Bluez Project Vulnerability Alert

What is CVE-2018-10910?

A vulnerability in the Bluez Bluetooth stack may enable the Discoverable state to be active when no Bluetooth agent is registered with the system. This flaw can facilitate unauthorized pairing attempts of Bluetooth devices, allowing connections without proper authentication. It primarily affects Bluez versions prior to 5.51, posing a potential risk for users who may inadvertently expose their devices to untrusted connections.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

bluez before 5.51

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10910

x_refsource_CONFIRM

https://usn.ubuntu.com/3856-1/

vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:

4.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 28, 2019
Vulnerability Reserved
May 9, 2018

JSON

The Bluez Project