SECURITY BOFFINS have discovered a vulnerability in Bluetooth that allows attackers to potentially intercept communications between paired devices.
The flaw, known as CVE-2018-5383, was unveiled by Lior Neumann and Eli Biham, cybersecurity researchers from the Israel Institute of Technology, who note that two Bluetooth features - Secure Simple Pairing and LE Secure Connections - are affected.
The issue stems from the fact that the Bluetooth specification recommends, but does not require, that a device supporting Secure Simple Pairing or LE Secure Connections validate the public key received over the air when pairing with a new device.
"In such cases, connections between those devices could be vulnerable to a man-in-the-middle attack that would allow for the monitoring or manipulation of traffic," Bluetooth SIG said in its advisory.
"For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure," the outfit added.
"The attacking device would need to intercept the public key exchange by blocking each transmission, sending an acknowledgement to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability, the attack would not be successful."
A whole host of devices are affected, and Apple, Broadcom, Qualcomm Intel are among those who have already pushed out fixes. According to Microsoft, its devices remain unaffected.
Bluetooth SIG said that it has now updated the Bluetooth specification to require products to validate any public key received as part of public key-based security procedures, adding that there is no evidence of the flaw being exploited.
"There is no evidence that the vulnerability has been exploited maliciously and the Bluetooth SIG is not aware of any devices implementing the attack having been developed, including by the researchers who identified the vulnerability," it said. µ
The week in Google
The scandal that just keeps giving
Clip to the end....