Cybersecurity researchers have identified a number of vulnerabilities in two critical Bluetooth services that allow attackers to hijack a pairing request in order to conduct Man-in-the-Middle (MitM) attacks.
The vulnerabilities were spotted by researchers at the French National Agency for the Security of Information Systems (ANSSI) and exist in the Bluetooth Core and Mesh Profile specifications.
By successfully exploiting these vulnerabilities, attackers can intercept pairing requests, masquerade as the initiator, and authenticate with the responder in a classic MitM attack.
However, the attacker does not succeed in pairing with the initiator by exploiting these vulnerabilities, which prevents a fully transparent MitM attack between the original initiator and the original responder.
The Bluetooth Core specification defines the requirements that Bluetooth devices must meet in order to communicate with each other. Similarly, the Mesh Profile specification governs Bluetooth devices that use low energy to enable many devices to communicate over Bluetooth.
The Bluetooth Special Interest Group (Bluetooth SIG), which governs the development of the Bluetooth standards, has issued a security advisory with a set of recommendations for each of the seven security flaws that impact the two vulnerable specifications.
The CERT Coordination Center (CERT/CC) has drawn up a list of vendors who have products that are affected by these flaws.
According to CERT/CC, these include the Android Open Source Project (AOSP), Cisco, Intel, Red Hat, Microchip Technology, and Cradlepoint.
CERT/CC also notes that all vendors except Intel, Red Hat, and Cradlepoint have acknowledged the vulnerabilities to the center and are working to mitigate them.
While the vendors analyse the vulnerabilities and brainstorm a mitigation, the Bluetooth SIG has asked users to follow best practices when operating their Bluetooth-enabled devices, and “ensure they have installed the latest recommended updates from device and operating system manufacturers.”
Via BleepingComputer