Cybersecurity researchers have shared details about a family of bluetooth vulnerabilities that were found on devices from about a dozen system-on-a-chip (SoC) vendors including Intel , Qualcomm, Texas Instruments, and Cypress.
Collectively referred to as BrakTooth, the security vulnerabilities in the commercial bluetooth stacks were unearthed by researchers from the Singapore University of Technology and Design.
In their explanation, the researchers note that the vulnerabilities could be exploited for different types of attacks ranging from denial-of-service (DoS), to arbitrary code execution in certain Internet of Things (IoT) devices.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
- These are the best endpoint protection tools
- Check our list of the best firewall apps and services
- Here's our choice of the best malware removal software on the market
“As of today, we have evaluated 13 BT devices from 11 vendors. We have discovered a total of 16 new security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm,” note the researchers.
Widespread impact
According to the researchers, the affected bluetooth stacks can be found on all kinds of devices, from consumer electronics to industrial equipment.
Their research revealed that BrakTooth affects over 1400 different product types including laptops, smartphones, audio equipment, home entertainment systems, automotive infotainment systems, and more.
While the researchers only say that the number of individual products affected by BrakTooth would be “an order of magnitude higher,” considering the prevalence of the vulnerabilities across vendors and device types, it wouldn’t be wrong to assume that billions of bluetooth devices would be impacted.
“All the vulnerabilities are already reported to the respective vendors, with several vulnerabilities already patched and the rest being in the process of replication and patching,” share the researchers, even as they encourage all bluetooth device vendors to use their proof-of-concept code to test their products against BrakTooth.
- Protect your devices with these best antivirus software
