MitM on Secure Simple Pairing

Description

MitM on Secure Simple Pairing

CWE

CVE

Attack Surfaces

Controller Implementation (MITRE EMB3D PID-11)

Pairing

MagicPairing

Feature Exchange

Attack Vectors

No IO downgrade (MITRE EMB3D TID-411)

Defenses

Association confirmation, User to verify integrity checksum before association

Out of band pairing, Use NFC as OOB channel