Accessibility Skip to content

Poly Systems - KNOB and BIAS Bluetooth Impact

Vulnerability Summary

Two recent vulnerabilities have been identified in some Bluetooth enabled products.  They are:

BIAS (CVE-2020-10135), a vulnerability in secure connection pairing in Bluetooth BR/EDR Core Specification v.5.2 and earlier which may allow an unauthenticated user to complete authentication without proper pairing credentials.

KNOB (CVE-2019-9506), a vulnerability in the Bluetooth BR/EDR Specification v.5.1 and earlier which is more susceptible to brute-force attacks potentially 


Details

CVE 2020-10135 - BIAS

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.

CVE 2019-9506 - KNOB

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

Poly released a firmware update to address this vulnerability.  There is no workaround.

Published

Last Update: 3/8/2022
Initial Public Release: 7/21/2020
Advisory ID:  PLYPL20-07

CVE ID: CVE-2020-10135
CVSS Score: 5.4
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CVE ID: CVE-2019-9506
CVSS Score: 8.1
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Product Affected
PRODUCTS VERSION NOTES
Calisto 3200/5300

v66

Includes fix for BIAS and KNOB vulnerabilities
BT600

v1723

Includes fix for BIAS and KNOB vulnerabilities
Voyager 4200 UC Series

v520

Includes fix for BIAS and KNOB vulnerabilities
Voyager 4200 Office Series

v323

Includes fix for BIAS and KNOB vulnerabilities
Voyager 4245 Office

v77

Includes fix for BIAS and KNOB vulnerabilities
Voyager 5200 UC

v508

Includes fix for BIAS and KNOB vulnerabilities
Voyager 5200 Office

v323

Includes fix for BIAS and KNOB vulnerabilities
Voyager 6200 UC  

v706

Includes fix for BIAS and KNOB vulnerabilities
Voyager 8200 UC

v667

Includes fix for BIAS and KNOB vulnerabilities
Voyager Focus UC

v500

Includes fix for BIAS and KNOB vulnerabilities
Voyager Legend UC

v110

Includes fix for BIAS and KNOB vulnerabilities
Solution

Poly has released firmware updates that contain fixes for these issues as well as other fixes and features.  These can be installed via the Plantronics Hub software.  Please refer to the Products Affected table for more information. 

 

Workaround

There is no workaround.

Contact

Any customer using an affected system who is concerned about this vulnerability within their deployment should contact Poly Technical Support(888) 248-4143, (916) 928-7561, or visit the Poly Support Site.

 

Revision History
VERSION DATE DESCRIPTION
1.0 7/21/2020 Initial Release
2.0 3/8/2022 Format changes