BLE Vulnerability Leads to Broken Authentication and Malicious Data Transfer

A successful Bluetooth Low Energy Spoofing Attack (BLESA) allows threat actors to connect to a device by getting around reconnection authentication requirements and then send it spoofed data. The attack starts with malicious packets that fool the device into behaving abnormally, after which the attackers manipulate the device by feeding it misleading information.

The vulnerability affects the Linux, Android and iOS platforms, more specifically Linux-based BlueZ IoT devices, Android-based Fluoride, and the iOS BLE stack. Windows machines remain unaffected. The flaw was patched in June. However, the Google Pixel XL running Android 10 is still vulnerable.

The remediations:

Whilst there isn’t any practical remediation currently, due to the difficulty in patching the re-pairing process, there are ways you can minimize the risk of this attack. To help protect against BLESA, update your phone to the latest developer firmware, via an iOS update or an Android OS software update, as soon as possible. It is also best practice to turn off Bluetooth whenever it is not in use to prevent unnecessary risk.

Source: Threatpost, Threat hub

Risk Crew