cvedb.io
CVE-2021-31615
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2021-06-25T12:15:08.430 · Last modified 2026-06-17T03:52:05.090

Summary

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission to achieve full MITM status without terminating the link. When applied against devices establishing or using encrypted links, crafted packets may be used to terminate an existing link, but will not compromise the confidentiality or integrity of the link.

Affected products

bluetooth — bluetooth_core_specification

Does this affect you?

Add your gear to cvedb and we'll alert you only when bluetooth ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.