Vulnerability Details : CVE-2020-0556
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
Vulnerability category: Denial of service
Products affected by CVE-2020-0556
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-0556
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-0556
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.8
|
MEDIUM | AV:A/AC:L/Au:N/C:P/I:P/A:P |
6.5
|
6.4
|
NIST | |
|
7.1
|
HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L |
2.8
|
3.7
|
NIST |
References for CVE-2020-0556
-
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html
[security-announce] openSUSE-SU-2020:0479-1: moderate: Security update fMailing List;Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4647
Debian -- Security Information -- DSA-4647-1 bluezThird Party Advisory
-
https://security.gentoo.org/glsa/202003-49
BlueZ: Security bypass (GLSA 202003-49) — Gentoo securityThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html
[SECURITY] [DLA 2240-1] bluez security updateMailing List;Third Party Advisory
-
https://usn.ubuntu.com/4311-1/
USN-4311-1: BlueZ vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html
[security-announce] openSUSE-SU-2020:0872-1: moderate: Security update fMailing List;Third Party Advisory
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html
INTEL-SA-00352Patch;Third Party Advisory
Jump to