How severe is CVE-2018-5383?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2018-5383?

This is classified as CWE-325, which is a common weakness in software security.

CVE-2018-5383 - MEDIUM Severity | CVSS 6.8

Vulnerability Description

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

Related Vulnerabilities

CVE-2020-26244

MEDIUM

CVSS:6.8(Medium)

Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issu...

CWE-3252020

CVE-2022-20793

MEDIUM

CVSS:6.8(Medium)

A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimat...

CWE-3252022

CVE-2025-3938

MEDIUM

CVSS:6.8(Medium)

Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagar...

CWE-3252025

CVE-2019-3738

MEDIUM

CVSS:6.5(Medium)

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two...

CWE-3252019

CVE-2023-39199

MEDIUM

CVSS:6.5(Medium)

Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.

CWE-3252023

CVE-2023-28999

MEDIUM

CVSS:6.4(Medium)

Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server...

CWE-3252023