29 January 2019
Many Bluetooth-enabled devices are exposed to a serious vulnerability that a remote attacker could exploit. According to CERT, if the flaw is left unaddressed it allows a man-in-the-middle attack in which the attacker determines the cryptographic keys used by the two devices while data is being transferred. The attacker can then intercept and decrypt, or forge and inject, device messages.
This vulnerability isn't limited to smartphones; it is found in a wide range of Bluetooth-enabled devices, including PCs, tablets, and other devices.
The issue resides in the data encryption process used when information is transferred from one device to another. A check on the keys exchanged in the Diffie-Hellman key exchange is missing, so an attacker can intercept easily.
According to CERT's report, all devices that use Qualcomm, Intel or Broadcom chips are vulnerable. Those who have applied the security patch since June are under no threat, but those who haven't updated yet should be more cautious and install the latest software update as soon as it becomes available.
CERT also writes "Bluetooth device users are encouraged to consult with their device vendor for further information."
Now that the vulnerability has been identified, the Bluetooth SIG has updated the Bluetooth specifications, so a remedy has been issued from a specification perspective. The Bluetooth SIG has also added testing for this vulnerability to its Bluetooth Qualification Program and has released a public statement, which you can read from the link provided below.
According to CERT's report, Microsoft and RSA Security LLC are listed as "Not Affected," while products from Apple and Google are affected.