Security News > 2021 > November > CISA urges vendors to patch BrakTooth bugs after exploits release
Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip security bugs impacting multiple vendors, including Intel, Qualcomm, Texas Instruments, and Cypress.
CISA warned vendors Thursday to patch these vulnerabilities after the security researchers released the proof of concept tool to test Bluetooth devices against BrakTooth exploits.
BrakTooth tool now available for vendors to test and guard against Bluetooth vulnerabilities.
The impact associated with the BrakTooth bugs ranges from denial-of-service by crashing the device firmware or freezes via deadlock conditions that block Bluetooth communication to arbitrary code execution that can lead to complete takeover depending on the vulnerable SoC used in the targeted device.
While some vendors have already issued security patches to address the BrakTooth vulnerabilities, it will take months to propagate to all unpatched devices.
A list of impacted vendors tracked by the researchers and their patch status can be found here or in the table embedded below.
News URL
Related news
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) (source)
- Exploit released for Palo Alto PAN-OS bug used in attacks, patch now (source)
- Maximum severity Flowmon bug has a public exploit, patch now (source)
- CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now (source)