Bluetooth Authentication Exploitable

Avoiding Bluetooth Decay

A CERT advisory has been released regarding the stability of Bluetooth authentication. In short, the advisory outlines that “the authentication provided by the Bluetooth pairing protocols is insufficient.”

This weakness in the Bluetooth key exchange is exploitable and could allow a remote attacker to intercept encryption data. Potentially, malicious actors could view contacts stored on the device, passwords typed on a keyboard, or other sensitive content stored by the device. They may even be able to manipulate the device to access a connected phone or computer.

Software and firmware updates will be released to address this vulnerability. The CVSS score is rated as a 7.3, so apply these updates as they become available.

Affected Vendors: Android, Apple, Broadcom, Dell, Google, Intel, and QUALCOMM Incorporated. This highlights, yet again, why companies need a patching strategy utilizing a patch manager. A vulnerability like this can go under the radar.

Syxsense is an IT solution that can show you all the devices connected to your network. Don’t get surprised by what’s lurking in your environment.