Billions of Bluetooth support devices are vulnerable to the BlueBorne attack

in #security7 years ago

blueborne.png

Vulnerability is a matter of principle and affects the implementation of Bluetooth in Windows, Linux, Android, iOS, IoT, smartphones, and virtually all computer devices.

Armis specialists revealed 8 vulnerabilities in the implementation of Bluetooth, available in over 8 billion PCs worldwide. All these vulnerabilities have been given the common name BlueBorne.

No interaction with the user is required to use these vulnerabilities, no attachment to a device is required. Only Bluetooth enabled is enough. Three of the eight vulnerabilities were qualified as critical and allowed hackers to gain full control over the device, run malicious code, or run a MitM attack.

BlueBorne affects the implementation of the Bluetooth protocol itself and allows devices to be connected and controlled without any authorization procedures.

BlueBorne vulnerabilities received the following identifiers: CVE-2017-0781, CVE-2017-0782, CVE-2017-0783 and CVE-2017-0785 (Android); CVE-2017-1000251 and CVE-2017-1000250 (Linux); CVE-2017-8628 (Windows). Vulnerability for iOS is not yet classified.

Armis experts officially warned Apple, Google, Microsoft and the Linux community. Relevant patches are already being distributed.

Image Credit

Support me and my work by voting for me @bachoangel

gvk.gif

Sort:  

This is why i've always disabled bluetooth. Bluetooth has always been a serious attack vector, it's just that someone decided to look and publish.