Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices

2020-05-19 15:58

Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint.

The bugs allow Bluetooth Impersonation Attacks on everything from internet of things gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne in Switzerland.

For the attacks to be successful, an attacking device would need to be within wireless range of a vulnerable Bluetooth device that has previously established bonding with a remote device with a Bluetooth address known to the attacker.

"As the researchers explained in their paper released on Monday, an attacker can change his Bluetooth address to mimic either Alice or Bob's address, but he cannot prove the ownership of." The researchers explained, "This is the fundamental assumption behind Bluetooth's authentication guarantees, and this assumption should protect against impersonation attacks."

The BIAS attacks can also be combined with the Key Negotiation of Bluetooth attack, according to a CERT advisory, which would give an attacker full access to the paired device.

News URL

https://threatpost.com/bluetooth-bugs-impersonation-devices/155886/

#attack #bluetooth #impersonation

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Bluetooth		4	0	9	7	0	16