CVE & CISA-KEV Catalog

CVE-2021-21367

MEDIUM
6.1
CVSS v3
NVD

Description

Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running (in discoverable mode), Bluetooth service requests and pairing requests are automatically accepted, allowing physically proximate attackers to pair with a device running an affected version of switchboard-plug-bluetooth without the active consent of the user. By default, elementary OS doesn't expose any services via Bluetooth that allow information to be extracted by paired Bluetooth devices. However, if such services (i.e. contact list sharing software) have been installed, it's possible that attackers have been able to extract data from such services without authorization. If no such services have been installed, attackers are only able to pair with a device running an affected version without authorization and then play audio out of the device or possibly present a HID device (keyboard, mouse, etc...) to control the device. As such, users should check the list of trusted/paired devices and remove any that are not 100% confirmed to be genuine. This is fixed in version 2.3.5. To reduce the likelihood of this vulnerability on an unpatched version, only open the Bluetooth plug for short intervals when absolutely necessary and preferably not in crowded public areas. To mitigate the risk entirely with unpatched versions, do not open the Bluetooth plug within switchboard at all, and use a different method for pairing devices if necessary (e.g. `bluetoothctl` CLI).

How to fix

Remediation Available
switchboard bluetooth plugNVD
Affected:>= 2.3.0, < 2.3.5Fixed in:2.3.5CVE-2021-21367derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged

Impact

ConfidentialityLow
IntegrityNone
AvailabilityLow

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L

Exploit Intelligence

0.51%probability of exploitation in 30 days
40thpercentile

Moderate risk: more likely to be exploited than 40% of all known CVEs.

References

Related Vulnerabilities

Other CWE-863 (Incorrect Authorization) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-22518Critical9.8100%KEV + RansomFix
CVE-2023-38035Critical9.8100%KEV + Ransom-
CVE-2022-46169Critical9.8100%KEVFix
CVE-2025-29927Critical9.1100%-Fix
CVE-2024-38856Critical9.899%KEVFix
CVE-2020-36289Medium5.399%-Fix
Embed a live status badge for CVE-2021-21367
CVE-2021-21367 severity badge

Markdown

[![CVE-2021-21367](https://tridentstack.com/cve/badge/CVE-2021-21367.svg)](https://tridentstack.com/cve/CVE-2021-21367)

HTML

<a href="https://tridentstack.com/cve/CVE-2021-21367"><img src="https://tridentstack.com/cve/badge/CVE-2021-21367.svg" alt="CVE-2021-21367"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.