VDB

CVE-2020-26559

CVE-2020-26559 PUBLISHED

Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.

EPSS 1.27% · 79.9th percentile

Risk Scores

EPSS Score
1.27%
79.9th percentile

Affected Products

VendorProductVersions
Ubuntu:24.04:LTSlinux-azure-6.14*, 6.14.0-1017.17~24.04.1, 6.14.0-1013.13~24.04.1
Ubuntu:Pro:20.04:LTSlinux-gcp5.4.0-1154.163, 5.4.0-1157.166, 5.4.0-1156.165
Ubuntu:22.04:LTSlinux-azure5.15.0-1073.82, 5.15.0-1070.79, 5.15.0-1097.106
Ubuntu:18.04:LTSlinux-azure-5.30, 5.3.0-1008.9~18.04.1, 5.3.0-1009.10~18.04.1
Ubuntu:22.04:LTSlinux-nvidia5.15.0-1086.87, 5.15.0-1087.88, 5.15.0-1088.89
Ubuntu:22.04:LTSlinux-azure-fde-5.19*, 5.19.0-1026.29~22.04.1.1, 5.19.0-1027.30~22.04.2.1
Ubuntu:Pro:20.04:LTSlinux-oracle-5.155.15.0-1047.53~20.04.1, 0, 5.15.0-1007.9~20.04.1
Ubuntu:22.04:LTSlinux-gcp-6.86.8.0-1042.45~22.04.1, 0, 6.8.0-1021.23~22.04.1
Ubuntu:24.04:LTSlinux-gkeop6.8.0-1023.25, 6.8.0-1016.18, 6.8.0-1014.16
Ubuntu:24.04:LTSlinux-gcp-6.110, 6.11.0-1006.6~24.04.2, 6.11.0-1011.11~24.04.1
Ubuntu:22.04:LTSlinux-aws-6.86.8.0-1031.33~22.04.1, *, *
Ubuntu:Pro:FIPS:20.04:LTSlinux-aws-fips0, 5.4.0-1021.21+fips2
Ubuntu:22.04:LTSlinux-nvidia-tegra5.15.0-1012.12, 5.15.0-1020.20, 5.15.0-1040.40
Ubuntu:20.04:LTSlinux-oem-5.145.14.0-1048.55, 5.14.0-1050.57, 5.14.0-1034.37
Ubuntu:Pro:FIPS-preview:22.04:LTSlinux-fips5.15.0-73.80+fips1, 0
Ubuntu:16.04:LTSlinux-hwe-edge*, *, 4.15.0-13.14~16.04.1
Ubuntu:Pro:FIPS-updates:22.04:LTSlinux-fips5.15.0-107.117+fips1, *, *
Ubuntu:Pro:20.04:LTSlinux-nvidia-tegra-5.155.15.0-1039.39~20.04.1, 5.15.0-1030.30~20.04.1, 5.15.0-1027.27~20.04.1
Ubuntu:24.04:LTSlinux-azure-nvidia-6.140, 6.14.0-1003.3, 6.14.0-1006.6
Ubuntu:Pro:20.04:LTSlinux-aws5.4.0-1038.40, 5.4.0-1099.107, 5.4.0-1089.97

…and 219 more

Timeline

  • May 24, 2021 CVE Published
  • May 25, 2021 EPSS Score
  • Jul 27, 2021 EPSS Score
  • Nov 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Mar 30, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 31, 2022 EPSS Score
  • Sep 30, 2022 EPSS Score
  • Dec 1, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›