Cybersecurity researchers have identified a number of vulnerabilities in two critical Bluetooth services that allow attackers to hijack a pairing request in order to conduct Man-in-the-Middle (MitM) attacks.
The vulnerabilities were spotted by researchers at the French National Agency for the Security of Information Systems (ANSSI) and exist in the Bluetooth Core and Mesh Profile specifications.
Successfully exploiting these vulnerabilities, attackers can intercept pairing requests, masquerade as the initiator and authenticate with the responder, in a classic MitM attack.
- Protect your devices with these best antivirus software
- Here are the best ransomware protection tools
- These are the best malware removal software on the market
However, the attacker does not succeed in pairing with the initiator exploiting these vulnerabilities, which prevents a fully transparent MitM attack between the original initiator and the original responder.
Bluetooth Core specification defines the requirements that Bluetooth devices must meet in order to communicate with each other. Similarly, the Mesh Profile specification governs Bluetooth devices that use low energy to enable many devices to communicate over Bluetooth.
Vendors notified
The Bluetooth Special Interest Group (Bluetooth SIG), which governs the development of the Bluetooth standards, has issued a security advisory with a set of recommendations for each of the seven security flaws that impact the two vulnerable specifications.
The CERT Coordination Center (CERT/CC) has drawn up a list of vendors who have products that are affected by these flaws.
According to CERT/CC these include the Android Open Source Project (AOSP), Cisco, Intel, Red Hat, Microchip Technology, and Cradlepoint.
CERT/CC also notes that all vendors except Intel, RedHat, and Cradlepoint have acknowledged the vulnerabilities to center and are working to mitigate them.
While the vendors analyse the vulnerabilities and brainstorm a mitigation, the Bluetooth SIG has asked users to follow best practices when operating their bluetooth-enabled devices, and “ensure they have installed the latest recommended updates from device and operating system manufacturers.”
- We've put together a list of the best endpoint protection software
Via BleepingComputer
