Security News > 2019 > August > New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections

New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections
2019-08-14 16:48

Over a billion Bluetooth-enabled devices, including smartphones, laptops, smart IoT devices, and industrial devices, have been found vulnerable to a high severity vulnerability that could allow attackers to spy on data transmitted between the two devices. The vulnerability, assigned as CVE-2019-9506, resides in the way 'encryption key negotiation protocol' lets two Bluetooth BR/EDR devices


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/SUQZgdTtyco/bluetooth-knob-vulnerability.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-08-14 CVE-2019-9506 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation.
8.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Bluetooth 4 0 9 7 0 16