Just In
- 27 min ago Elon Musk Reveals Plans to Charge New Users a “Small Fee” Before Posting on X: Here’s Why!
- 14 hrs ago Redmi Pad SE With 90Hz Display Launching on April 23 in India; Could Be Priced for Less Than Rs 20,000
- 14 hrs ago Motorola Edge 50 Fusion Launched with Snapdragon 6 Gen 1 SoC, Pantone Validated Cameras, IP68 Rating
- 14 hrs ago Motorola Edge 50 Ultra Launched with Snapdragon 8s Gen 3 SoC, 144Hz OLED Display, Wooden Back
Don't Miss
- Movies Bade Miyan Chote Miyan Box Office Collection Day 7 Prediction: Akshay’s Film To Fail To Cross 50Cr In Week 1
- Finance 275% Payout In FY23: Tata Mutual Fund Backed Stock To Mull Final Dividend Soon For FY24
- Sports Most Sixes in IPL Since 2022: Jos Buttler Overtakes Shivam Dube And Nicholas Pooran in The Big-Hitting Charts
- Lifestyle Sara Ali Khan Aces Summer Fashion In Animal Print Saree, Bookmark Her Chic Saree Choices!
- News UAE Weather Report: Floods Hit Dubai, 18 Dead; Govt. Shuts Schools, Colleges
- Education UPSC Success Story: An IITian, A Government Job Holder at Railways, Quit the Job and Emerged as an IAS
- Automobiles Jeep Compass Gets More Powerful 268.3bhp Turbo Petrol Engine – Check Out All The Details Here
- Travel From Coconut Breaking on Head to Men Dressing as Women: 12 Unique Indian Rituals Explored
BrakTooth Bluetooth Vulnerabilities: What Is It? How To Mitigate Risk?
Recently, security researchers revealed details about as many as 16 vulnerabilities that leave an impact on the Bluetooth software stack shipping with SoC (System-on-Chip) boards from popular vendors. These researchers hit the headlines in February 2020 as they disclosed the SweynTooth vulnerabilities. They have coined the current set of vulnerabilities BrakTooth.
As we saw earlier, BrakTooth affects leading SoC providers including Qualcomm, Intel, Texas Instruments, Silicon Labs, and Infineon (Cypress) and others. The chips that are vulnerable are said to be used by Microsoft Surface laptops, a slew of Qualcomm-based smartphone models, and Dell laptops.
However, these researchers claim that they examined only the Bluetooth software libraries for 13 SoC boards from across 11 vendors. Furthermore, they found that the same Bluetooth firmware was mostly used within over 1,400 chipsets as a base for a slew of devices including smartphones, laptops, industrial equipment and several types of smart IoT devices.
What's notable is that the impact of the vulnerability will not be the same for all these devices. Some devices can be crashed by sending LMP packets crafted for the purpose and recovered with a simple reboot. Other devices might let an attacker run a malicious code on vulnerable devices via BLMP packets. These packets are used by Bluetooth to set up and configure links to other devices.
The shocking news is that researchers believe that the BrakTooth vulnerability could have affected billions of devices across the world.
All BrakTooth Vulnerabilities
As per the complete technical details, 16 vulnerabilities are found on the dedicated BrakTooth website and are numbered from V1 to V16 alongside associated CVEs. The researchers note that all 11 vendors were notified months ago about the potential security issues and even before publishing these findings.
Bluetrum, Infineon, and Expressif have released their patches as well. As they received necessary information, other vendors acknowledged these findings but did not confirm a specific release date to rollout the security patch. They cited internal investigations on how the bugs of BrakTooth will impact their software stacks as well as product portfolios. Furthermore, Texas Instruments stated that they will not address the flaws that will impact their chipsets.
Computer Security Flaws
As per the listing in the Common Vulnerabilities and Exposures (CVE) database, the computer security flaws were disclosed publicly. It intends to make it easier to share data across individual vulnerability capabilities including databases, tools and services. In BrakTooth, the most serious vulnerability has been listed under CVE-2021-28139. It lets attackers in radio range trigger the execution of the arbitrary code along with a specially crafted payload.
While the serious vulnerability was found to impact smart devices and industrial equipment that was built on Expressif System's ESP32 SoC boards, the issue might impact as many as 1,400 commercial products that reuse the same Bluetooth software stack.
Migitigation Of BrakTooth Risk
The researchers emphasize that the lack of basis testing in Bluetooth certification to authenticate the security of BLE (Bluetooth Low Energy) devices is the reason for this. The BrakTooth family of vulnerabilities can revisit and reassert the issue but use Bluetooth Classic protocol implementations.
To mitigate the BrakTooth vulnerabilities, the best advice, for now, is the install patches and ask vendors about timely patches that aren't available. Also, it is important to disable Bluetooth on devices that do not require it. You can prevent attackers from sending malicious LMP packets with these patches. As BrakTooth vulnerability is based on Bluetooth Classic protocol, the attacker has to be within the radio range of the target, so make sure you enable Bluetooth only in safe environments
-
99,999
-
1,29,999
-
69,999
-
41,999
-
64,999
-
99,999
-
29,999
-
63,999
-
39,999
-
1,56,900
-
79,900
-
1,39,900
-
1,29,900
-
65,900
-
1,56,900
-
1,30,990
-
76,990
-
16,499
-
30,700
-
12,999
-
3,999
-
2,500
-
3,599
-
8,893
-
13,999
-
32,999
-
9,990
-
12,999
-
25,377
-
23,490