Billions of Bluetooth gadgets bothered by ‘BLURtooth’ miscreant-in-the-middle bug
2020-09-11 07:42

Named BLURtooth, aka CVE-2020-15802, the flaw was present in Bluetooth BR/EDR from specification versions 4.2 to 5.0.

The latest version of the Bluetooth spec is 5.2.

Mind-boggling because, as Carnegie Mellon University's CERT explains, affected devices are "vulnerable to key overwrite, which enables an attacker to gain additional access to profiles or services that are not restricted by reducing the encryption key strength or overwriting an authenticated key with an unauthenticated key."

As a result, "An attacker could gain additional access to profiles or services that are not otherwise restricted." Bluetooth carries over the airwaves keyboard presses, audio calls, speaker and headphone audio, etc, etc, so the potential for mischief is significant.

The Bluetooth SIG's recommendation is that potentially vulnerable implementations "Introduce the restrictions on Cross-Transport Key Derivation mandated in Bluetooth Core Specification versions 5.1 and later."
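
The two outcomes CERT describes (a weaker encryption key, or an unauthenticated key replacing an authenticated one) can be blocked by a guard on the key store that refuses any derived key weaker than the one it would replace. The following C code is an added example of such a guard, not code from the article, the specification, or any real Bluetooth stack; the struct, enum and function names are hypothetical, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical key-store record; not taken from any real Bluetooth stack. */
struct stored_key {
    bool    present;        /* a key already exists for this peer on the target transport */
    bool    authenticated;  /* key came from a pairing with MITM protection */
    uint8_t enc_key_size;   /* encryption key size in bytes */
};

enum ctkd_decision {
    CTKD_STORE,                   /* nothing to protect, or derived key is at least as strong */
    CTKD_REJECT_UNAUTHENTICATED,  /* would replace an authenticated key with an unauthenticated one */
    CTKD_REJECT_SHORTER_KEY       /* would reduce encryption key strength */
};

/* Decide whether a key derived via CTKD may replace the existing key. */
enum ctkd_decision ctkd_check(const struct stored_key *existing,
                              const struct stored_key *derived)
{
    if (!existing->present)
        return CTKD_STORE;
    if (existing->authenticated && !derived->authenticated)
        return CTKD_REJECT_UNAUTHENTICATED;
    if (derived->enc_key_size < existing->enc_key_size)
        return CTKD_REJECT_SHORTER_KEY;
    return CTKD_STORE;
}

/* Apply the decision: the slot is only written when the check allows it. */
enum ctkd_decision ctkd_store(struct stored_key *slot, const struct stored_key *derived)
{
    enum ctkd_decision d = ctkd_check(slot, derived);
    if (d == CTKD_STORE) {
        *slot = *derived;
        slot->present = true;
    }
    return d;
}

int main(void)
{
    /* Constructed sample: an authenticated 16-byte key is already stored. */
    struct stored_key slot = { true, true, 16 };
    struct stored_key unauth = { true, false, 16 };  /* unauthenticated derived key */
    struct stored_key shortk = { true, true, 7 };    /* authenticated but shorter */
    printf("unauthenticated overwrite -> %d\n", ctkd_store(&slot, &unauth));
    printf("shorter-key overwrite     -> %d\n", ctkd_store(&slot, &shortk));
    return 0;
}
```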


News URL

https://go.theregister.com/feed/www.theregister.com/2020/09/11/blurtooth_vulnerability/

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2020-15802 | Improper Authentication vulnerability in Bluetooth Core Specification. Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. (network, high complexity, bluetooth, CWE-287) | 5.9 |

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Bluetooth 4 0 9 7 0 16