Bluetooth® Pairing Vulnerability (CVE-2018-5383): Impact on Dell products

Bluetooth® Pairing Vulnerability (CVE-2018-5383): Impact on Dell products


Dell is aware of the Bluetooth® Pairing Vulnerability (CVE-2018-5383) affecting many Bluetooth connections that were disclosed by CERT Vulnerability Note VU#304725.on July 23rd 2018. The vulnerability affects user devices in active discovery mode ("pairing process"), and could allow an unauthenticated attacker with physical proximity of the targeted user’s device to potentially gain unauthorized access, intercept traffic and send forged pairing messages to a Bluetooth® device. For more information, please review https://www.kb.cert.org/vuls/id/304725.

Dell has completed their investigation and impact is isolated to Dell PCs and Thin Client products. The level of impact to Dell PCs and Thin Client products may vary depending on the affected product. Dell highly recommends customers immediately download the patch applicable to their system as soon as they are made available. This article will be updated as additional information becomes available.

Dell Products Impacted:

Dell Consumer and Commercial Client Systems

Dell Client computers (Dell Precision, Latitude, OptiPlex, Inspiron, Vostro, XPS, Alienware) use a variety of Bluetooth adapters and their impact and resolution will vary by manufacturer.

To get a concise list of the drivers available for the Bluetooth adapter installed in your Dell computer, refer to the Dell Knowledge Base article How do I download and install a device driver?.

Customers who have enabled Dell Update (consumer platforms) or Dell Command | Update (commercial platforms) or SupportAssist will have drivers, BIOS and firmware updates downloaded automatically once available.

Impacted Thin Client Systems

The impact platform list for Dell Thin Client products will be updated as information becomes available.

Thin Client Products

Model Number

Recommended Action

Wyse 3030 thin client

In process

Wyse 3030 LT thin client

In process

Wyse 5010 thin client

In process

Wyse 5020 thin client

In process

Wyse 5040 AIO thin client

In process

Wyse 5060 thin client

In process

Wyse 7010 thin client

In process

Wyse 7020 thin client

In process

Latitude 5280 mobile thin client

In process

References:

Intel Security Advisory:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00128.html





Article ID: SLN309980

Last Date Modified: 08/02/2018 01:39 PM


Rate this article

Accurate
Useful
Easy to understand
Was this article helpful?
Yes No
Send us feedback
Comments cannot contain these special characters: <>()\
Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.