Vulnerability in Bluetooth Mesh Implementation: Acceptance of OOB Public Key during Provisioning

Vulnerability in Bluetooth Mesh Implementation: Acceptance of OOB Public Key during Provisioning

CVE-2023-4258 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In Bluetooth mesh implementation If provisionee has a public key that is sent OOB then during provisioning it can be sent back and will be accepted by provisionee.

Learn more about our Web Application Penetration Testing UK.