vulnerability
Red Hat: CVE-2018-10910: CVE-2018-10910 bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Jan 28, 2019 | Apr 1, 2020 | Mar 27, 2026 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Jan 28, 2019
Added
Apr 1, 2020
Modified
Mar 27, 2026
Description
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.
Solutions
redhat-upgrade-bluezredhat-upgrade-bluez-cupsredhat-upgrade-bluez-cups-debuginforedhat-upgrade-bluez-debuginforedhat-upgrade-bluez-debugsourceredhat-upgrade-bluez-hid2hciredhat-upgrade-bluez-hid2hci-debuginforedhat-upgrade-bluez-libsredhat-upgrade-bluez-libs-debuginforedhat-upgrade-bluez-libs-develredhat-upgrade-bluez-obexdredhat-upgrade-bluez-obexd-debuginfo
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.