How severe is CVE-2020-10134?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2020-10134?

This is classified as CWE-351, which is a common weakness in software security.

CVE-2020-10134 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedures with the MITM using the confirmation number of one peer as the passkey of the other. An adjacent, unauthenticated attacker could be able to initiate any Bluetooth operation on either attacked device exposed by the enabled Bluetooth profiles. This exposure may be limited when the user must authorize certain access explicitly, but so long as a user assumes that it is the intended remote device requesting permissions, device-local protections may be weakened.

Related Vulnerabilities

CVE-2024-4769

MEDIUM

CVSS:5.9(Medium)

When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn in...

CWE-3512024

CVE-2025-47939

MEDIUM

CVSS:5.4(Medium)

TYPO3 is an open source, PHP based web content management system. By design, the file management module in TYPO3’s backend user interface has historically allowed the upload of any file type, with the...

CWE-3512025

CVE-2023-2866

HIGH

CVSS:7.8(High)

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the S...

CWE-3512023