There are BlueBorne vulnerabilities in Bluetooth connections
Definition
Bluetooth technology has been in use since early 2000, and over 8.2 Billion devices are using Bluetooth. Some of the older versions of Android, iOS, Windows, and Linux implementations have a vulnerability that enables remote commands on the target device. There are together eight vulnerabilities that are called BlueBorne. These vulnerabilities were found during Spring 2017, communicated to responsible manufacturers and have been patched in the latest revisions.Brief Description
The attacker approaches the proximity of the Bluetooth device and connects through Bluetooth wireless connection using buffer copy, buffer overflow, integer underflow or Man-in-the-Middle attack to gain access to the target device, injects malicious software or captures user information.Worst case is when an advanced attacker reconnoitres the target infrastructure and deploys a worm that uses BlueBorne vulnerabilities to spread over-the-air. Especially, air-gap isolated systems are vulnerable if the Bluetooth is not disabled.
What to do:
The following measures are recommended to mitigate the BlueBorne exploitation:1. Update all possible versions concerning the found vulnerability in:
- Android: Before September 2017 updates
- Windows: Before September 2017 updates
- iOS: Pre-version 10
- Apple TV: Pre-version 7.2.2
- Linux: Before September 2017 updates
3. There is a possibility that Bluetooth has other unrevealed vulnerabilities, so the professional organisation should control the proximity of their systems.
References
1. www.kb.cert.org/vuls/id/240311
2. www.armis.com/blueborne/
No comments:
Post a Comment