{"id":"CVE-2020-12352","details":"Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.","modified":"2026-03-15T22:32:28.004013Z","published":"2020-11-23T17:15:12.313Z","related":["MGASA-2020-0392","SUSE-FU-2022:4496-1","SUSE-SU-2020:2972-1","SUSE-SU-2020:2980-1","SUSE-SU-2020:2981-1","SUSE-SU-2020:3281-1","SUSE-SU-2020:3484-1","SUSE-SU-2020:3491-1","SUSE-SU-2020:3501-1","SUSE-SU-2020:3503-1","SUSE-SU-2020:3512-1","SUSE-SU-2020:3513-1","SUSE-SU-2020:3522-1","SUSE-SU-2020:3532-1","SUSE-SU-2020:3544-1","openSUSE-SU-2020:1682-1","openSUSE-SU-2020:1698-1","openSUSE-SU-2020:2112-1","openSUSE-SU-2021:0242-1","openSUSE-SU-2024:10728-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"},{"type":"ADVISORY","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"5.4"},{"fixed":"5.4.72"}]},{"events":[{"introduced":"5.8.0"},{"fixed":"5.8.16"}]},{"events":[{"introduced":"5.9.0"},{"last_affected":"5.9.13"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-12352.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}