CVE-2023-2002 in Linuxinfo

Summary

by MITRE • 05/26/2023

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

04/12/2023

Disclosure

05/26/2023

Moderation

accepted

Entry

VDB-227211

CPE

ready

CWE

CWE-275 (confirmed)

CVSS

5.3 (VulDB)

EPSS

0.00594

KEV

Activities

very low

Sector

Lawfirm, Homeoffice, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-2002
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-2002
CVE Details	https://www.cvedetails.com/cve/CVE-2023-2002/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!