Skip to main content

Android CVE-2019-9506

HIGH
Cryptographic Issues (CWE-310)
2019-08-14 cret@cert.org
Code Injection Android Iphone Os Mac Os X Tvos Watchos Ubuntu Linux Debian Linux Leap Mrg Realtime Virtualization Host Eus Enterprise Linux Enterprise Linux Aus Enterprise Linux Eus Enterprise Linux For Real Time Enterprise Linux For Real Time Eus Enterprise Linux For Real Time For Nfv Enterprise Linux For Real Time For Nfv Eus Enterprise Linux Server Enterprise Linux Server Aus Enterprise Linux Server Tus Enterprise Linux Tus Alp Al00B Firmware Ares Al00B Firmware Ares Al10D Firmware Ares Tl00C Firmware Asoka Al00Ax Firmware Atomu L33 Firmware Atomu L41 Firmware Atomu L42 Firmware Bla Al00B Firmware Bla L29C Firmware Bla Tl00B Firmware Barca Al00 Firmware Berkeley Al20 Firmware Berkeley L09 Firmware Berkeley Tl10 Firmware Cairogo L22 Firmware Charlotte L29C Firmware Columbia Al10B Firmware Columbia Al10I Firmware Columbia L29D Firmware Columbia Tl00D Firmware Cornell Al00A Firmware Cornell Al00I Firmware Cornell Al00Ind Firmware Cornell Al10Ind Firmware Cornell L29A Firmware Cornell Tl10B Firmware Dubai Al00A Firmware Dura Al00A Firmware Dura Tl00A Firmware Emily L29C Firmware Ever L29B Firmware Figo L23 Firmware Figo L31 Firmware Figo Tl10B Firmware Florida Al20B Firmware Florida L21 Firmware Florida L22 Firmware Florida L23 Firmware Florida Tl10B Firmware Honor 20 Firmware Honor 20 Pro Firmware Mate 20 Firmware Mate 20 Pro Firmware Mate 20 X Firmware P Smart Firmware P Smart 2019 Firmware P20 Firmware P20 Pro Firmware P30 Firmware P30 Pro Firmware Y5 2018 Firmware Y5 Lite Firmware Y6 2019 Firmware Y6 Prime 2018 Firmware Y6 Pro 2019 Firmware Y7 2019 Firmware Y9 2019 Firmware Nova 3 Firmware Nova 4 Firmware Nova 5 Firmware Nova 5I Pro Firmware Nova Lite 3 Firmware Harry Al00C Firmware Harry Al10B Firmware Harry Tl00C Firmware Hima L29C Firmware Honor 10 Lite Firmware Honor 8A Firmware Honor 8X Firmware Honor View 10 Firmware Honor View 20 Firmware Jakarta Al00A Firmware Johnson Tl00D Firmware Johnson Tl00F Firmware Katyusha Al00A Firmware Laya Al00Ep Firmware Leland L21A Firmware Leland L31A Firmware Leland L32A Firmware Leland L32C Firmware Leland L42A Firmware Leland L42C Firmware Leland Tl10B Firmware Leland Tl10C Firmware Lelandp Al00C Firmware Lelandp Al10B Firmware Lelandp Al10D Firmware Lelandp L22A Firmware Lelandp L22C Firmware Lelandp L22D Firmware London Al40Ind Firmware Madrid Al00A Firmware Madrid Tl00A Firmware Neo Al00D Firmware Paris Al00Ic Firmware Paris L21B Firmware Paris L21Meb Firmware Paris L29B Firmware Potter Al00C Firmware Potter Al10A Firmware Princeton Al10B Firmware Princeton Al10D Firmware Princeton Tl10C Firmware Sydney Al00 Firmware Sydney L21 Firmware Sydney L21Br Firmware Sydney L22 Firmware Sydney L22Br Firmware Sydney Tl00 Firmware Sydneym Al00 Firmware Sydneym L01 Firmware Sydneym L03 Firmware Sydneym L21 Firmware Sydneym L22 Firmware Sydneym L23 Firmware Tony Al00B Firmware Tony Tl00B Firmware Yale Al00A Firmware Yale Al50A Firmware Yale L21A Firmware Yale L61C Firmware Yale Tl00B Firmware Yalep Al10B Firmware Imanager Neteco Firmware Imanager Neteco 6000 Firmware
8.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.1 HIGH
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 14, 2019 - 17:15 nvd
HIGH 8.1

DescriptionNVD

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

AnalysisAI

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-310. The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Affected products include: Google Android, Apple Iphone Os, Apple Mac Os X, Apple Tvos, Apple Watchos. Version information: version 5.1.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2015-3105 CRITICAL POC
10.0 Jun 10

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466

CVE-2015-3864 CRITICAL POC
10.0 Oct 01

Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A

CVE-2013-4710 CRITICAL POC
9.3 Mar 03

Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly imp

CVE-2015-1538 CRITICAL POC
10.0 Oct 01

Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android bef

CVE-2024-21633 HIGH POC
7.8 Jan 03

Apktool versions 2.9.1 and prior contain a path traversal vulnerability when processing Android APK files. Malicious APK

CVE-2017-13156 HIGH POC
7.8 Dec 06

An elevation of privilege vulnerability in the Android system (art). Rated high severity (CVSS 7.8), this vulnerability

CVE-2016-2107 MEDIUM POC
5.9 May 05

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a

CVE-2015-3106 CRITICAL POC
10.0 Jun 10

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows

CVE-2015-3107 CRITICAL POC
10.0 Jun 10

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows

CVE-2013-4787 CRITICAL POC
9.3 Jul 09

Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows

CVE-2014-7911 HIGH
7.2 Dec 15

luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.

CVE-2016-0801 CRITICAL POC
9.8 Feb 07

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01

Share

CVE-2019-9506 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy