Exploiting New Bluetooth Flaws

If you use a smartphone, it is highly likely that you have used Bluetooth at some point. It is usually used to connect handheld devices to wireless headphones or AirPods so you can listen to your favourite music or watch a movie or TV show.

In simple terms, Bluetooth is the technology that allows you to transfer data between devices that are a very short distance apart. One of the significant differences between Bluetooth and the radio waves used by radio stations is that Bluetooth waves cannot travel long distances. Bluetooth devices usually have a connectivity range of about 25-35 feet, and the range can be reduced if there are obstructions between the two devices.

Every coin has two sides, and the same can be said of Bluetooth. While the technology has various advantages, it has quite a few flaws as well. Multiple hackers are impersonating legitimate devices simply by exploiting a few new Bluetooth weaknesses.

If it were just a matter of protecting your online security and privacy in cyberspace, we would have simply recommended using a reliable VPN that can guard your online activities.

A Virtual Private Network is a perfect companion to secure your internet traffic, identity, privacy and unblock countless geo-restricted streaming channels. You can see what more it can and can’t do for you by reading about the pros and cons of virtual private networks.

Unfortunately, no matter how fruitful a virtual private network may be in today’s age, it cannot protect you against Bluetooth vulnerabilities, so you have to stay aware and vigilant at your end. 

The vulnerabilities were recently identified in the Bluetooth Core and Mesh Profile Specifications, and they allow hackers to imitate genuine devices and carry out man-in-the-middle (MitM) attacks.

The Carnegie Mellon CERT Coordination Center said in an advisory published on Monday that “the devices that support Bluetooth Core and Mesh Specifications are at the mercy of impersonation attacks and AuthValue disclosure that could enable an attacker to imitate an authorised device during pairing.”

The Bluetooth Core and Mesh Profile Specifications define the standard for communication over the short-range wireless technology to support data transfer among devices.

BIAS, the general term for Bluetooth impersonation attacks, enables a malicious individual to establish a secure connection with a victim. The attacker does not need to authenticate with the long-term key, and therefore bypasses the Bluetooth authentication mechanism.

According to the researchers, these BIAS attacks are the first to uncover problems related to Bluetooth's secure connection establishment authentication methods, adversarial role switches, and Secure Connections downgrades.

They conducted BIAS attacks against multiple Bluetooth devices to confirm whether these attacks are practical.

Bluetooth Flaws

Also, things are not looking good for Bluetooth Mesh Profile Specification versions 1.0 and 1.0.1, as four new flaws were recently found. Below you will find a summary of them:

  • CVE-2020-26557 - Predictable AuthValue in Bluetooth Mesh Profile provisioning leads to MITM
  • CVE-2020-26560 - Impersonation attack in Bluetooth Mesh Profile provisioning
  • CVE-2020-26558 - Impersonation in the Passkey entry protocol
  • CVE-2020-26556 - Malleable commitment in Bluetooth Mesh Profile provisioning
  • CVE-2020-26559 - Bluetooth Mesh Profile AuthValue leak
  • CVE-2020-26555 - Impersonation in the BR/EDR pin-pairing protocol

According to the researchers, their attacks continue to work even when the victims are using SSP and Secure Connections, which are considered Bluetooth’s most robust security modes. They further add that the attacks target the standardised Bluetooth authentication procedure, so they are effective against standard-compliant Bluetooth devices.

Vendors identified as having products impacted by these security flaws include Cisco, Microchip, Intel, Cradlepoint, and AOSP. A few of these vendors have already started working on mitigating the issues. Since being informed of these vulnerabilities, Cradlepoint has begun producing NCOS version 7.21.40, which fixes the problems cited.

The Bluetooth Special Interest Group (SIG), which is the organisation that supervises the development of Bluetooth standards, has also published security reports for each of the six flaws. 

Unsurprisingly, Bluetooth users are strongly advised to install the newest recommended updates from device manufacturers as soon as they are available.

Final Thoughts 

While it may be a long shot, it is never too late to keep a security app installed on your device. Just in case your device is compromised, knowing someone is protecting your online identity offers comfort and protection against any online threat.