Bluetooth network affecting millions of devices …


0


Bluetooth vulnerability discovered affecting millions of devices
A research team at Purdue University in the USA discovered a security vulnerability over Bluetooth in which millions of devices are at risk. According to the researchers’ report, this deficit has not yet been exploited to its full potential.

Bluetooth vulnerability discovered affecting millions of devices
The name of the bluetooth vulnerability found by the US university was announced as BLESA (Bluetooth Low Energy Spoofing Attack). This vulnerability allows hackers to send fake data to devices.

This vulnerability, which affects devices running the BLE (Bluetooth Low Energy) protocol that conserves battery power, occurs after two devices using the same protocol have mutually verified during the pairing process.

Devices that authenticate each other need to check each other’s cryptographic key. However, when reconnecting with BLESA, this verification may change optionally. In addition, if the user’s device cannot force the IoT device to authenticate the transmitted data, authentication can be bypassed.

According to the statement made by the researchers, this vulnerability in BLE has not been used by hackers in real terms until now. Researchers found that BlueZ (Linux-based IoT devices), Fluoride (Android), and iOS BLE stacks are vulnerable to BLESA attack. Windows devices, on the other hand, were resistant to this attack.

Apple announced last June that it closed the bluetooth gap called CVE-2020-9770. But in the article published last month, it explained that Android was still vulnerable in the testing of Android BLE on the Google Pixel XL device.


Like it? Share with your friends!

0
Cyberg

0 Comments

Your email address will not be published. Required fields are marked *

Adblock Detected!

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by whitelisting our website.

Choose A Format
Story
Formatted Text with Embeds and Visuals