This Bluetooth security flaw could be used to hijack Apple and Linux devices


Experts have uncovered a way to trick a Bluetooth-enabled device into thinking it has connected to a wireless keyboard when, in fact, it’s connecting to another computer.

This, in turn, would allow the operator to run commands on the device, including running malware, according to cybersecurity researcher Marc Newlin, who discovered the flaw and disclosed it to Bluetooth software vendors last summer. 

The flaw is tracked as CVE-2023-45866 and is described as an authentication bypass. Android, Linux, macOS, and iOS devices are all said to be susceptible.

Bluetooth under pressure

"Multiple Bluetooth stacks have authentication bypass vulnerabilities that permit an attacker to connect to a discoverable host without user confirmation and inject keystrokes," Newlin said. 

If the attacker is physically close enough to the victim endpoint, they can trick it into thinking it is paired with a new Bluetooth keyboard, and then use this new “keyboard” to run apps, arbitrary commands, and more. All the attacker needs is a Linux computer with a regular Bluetooth adapter.

Google recently published a new security advisory to draw Android users’ attention to the flaw, and said that CVE-2023-45866 could lead to remote escalation of privilege “with no additional execution privileges needed.”

Bluetooth has been getting a lot of bad press lately. Just last week, researchers from Eurecom discovered two flaws collectively named BLUFFS, which allow attackers to mount device impersonation or man-in-the-middle attacks. BLUFFS are tracked as CVE-2023-24023, and affect Bluetooth Core Specification from version 4.2 onward. They affect Bluetooth “at a fundamental level”, the researchers said.

Bluetooth has been around for years and is considered a safe, well-established standard for wireless communication. Therefore, these kinds of vulnerabilities could be abused to compromise billions of devices around the world, including laptops, smartphones, different internet-connected sensors, and more.

Technical details about CVE-2023-45866 are to be released at a later date.

Via TheHackerNews


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.