Security News > 2021 > November > CISA urges vendors to patch BrakTooth bugs after exploits release
Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip security bugs impacting multiple vendors, including Intel, Qualcomm, Texas Instruments, and Cypress.
CISA warned vendors Thursday to patch these vulnerabilities after the security researchers released the proof of concept tool to test Bluetooth devices against BrakTooth exploits.
BrakTooth tool now available for vendors to test and guard against Bluetooth vulnerabilities.
The impact associated with the BrakTooth bugs ranges from denial-of-service by crashing the device firmware or freezes via deadlock conditions that block Bluetooth communication to arbitrary code execution that can lead to complete takeover depending on the vulnerable SoC used in the targeted device.
While some vendors have already issued security patches to address the BrakTooth vulnerabilities, it will take months to propagate to all unpatched devices.
A list of impacted vendors tracked by the researchers and their patch status can be found here or in the table embedded below.
News URL
Related news
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)