Bluetooth devices could soon face a whole new level of security threats

Researchers have found a way to wiggle their way between two endpoints communicating via Bluetooth, giving them the opportunity to mount device impersonation or man-in-the-middle (MitM) attacks.

The technique was discovered by cybersecurity researchers at Eurecom, BleepingComputer reports. They found two flaws that can compromise the secrecy of a Bluetooth session, and six possible attack scenarios, which they dubbed “BLUFFS”.

The flaws are now tracked as CVE-2023-24023, and affect the Bluetooth Core Specification from version 4.2 onward. They affect Bluetooth “at a fundamental level”, the publication explains.

Billions of vulnerable devices

The vulnerabilities stem from the way Bluetooth derives the session keys used to decrypt the data being exchanged. By interfering with the derivation process, attackers can force Bluetooth to derive a short session key, which can subsequently be brute-forced. That allows the attackers to eavesdrop on any communication between the two endpoints.

The challenge here is that the attacker needs to be within Bluetooth range of the two targets in order to pull the attack off. That being said, there are six different attacks that can be mounted by abusing the flaw, including different MitM attacks, the researchers said. They also developed a toolkit to demonstrate just how effective BLUFFS are, and shared it on GitHub.

Finally, the researchers came up with a couple of modifications to the Bluetooth standard that would tackle BLUFFS and similar threats, and that include an enhancement to the session key derivation process. The modifications are backward-compatible, they added. The list of mitigations can be found here.

Bluetooth has been around for years and is considered a safe, well-established standard for wireless communication. Therefore, such a vulnerability could be abused to compromise billions of devices around the world, including laptops, smartphones, different internet-connected sensors, and more.

Eurecom tested the flaws on different endpoints and found that all of them were vulnerable to at least three out of six BLUFFS attacks.
