QUALCOMM Incorporated Information for VU#304725

Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange

Status

Affected

Vendor Statement

Qualcomm is aware of the recently published security research on Bluetooth pairing protocols, and we are actively deploying mitigations to our customers. Providing technologies that support robust security and privacy is a priority for Qualcomm, and we encourage end users to update their devices when patches become available.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.