if not require to use, it is better turn off bluetooth function before your hardware vendor patch – 26th May 2020

Preface: Bluetooth enabled consumer electronics such as mobile phones, cameras simplify data sharing between devices. For instance, smartphone can wirelessly connect to a headset to make hands-free calling easier or can send pictures to another.

Background: The Bluetooth market has changed dramatically in the past three to four years. Perhaps is the potential power of smarthome concept.If you are moving a lot of data or streaming media, then you should go with a Bluetooth BR/EDR solution.

Vulnerability details: An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key. That is your neighbor might conduct similar type of man-in-the-middle attack from the opposite side of the wall. With reference to existing attack method. In order to conduct the attack successfully, attacker must relies on 3rd party hardware and Linux machine (refer to attached diagram). So, if you are not in frequent to use Bluetooth function. I would recommend that turn off your Bluetooth (BR/EDR) function before patch.

Official announcement – please refer to following link https://kb.cert.org/vuls/id/647177

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.