Bluetooth Flaw Hackers Takeover

Bluetooth vulnerabilities in Android, Linux, macOS, iOS, and Windows are critical as hackers could exploit them to gain unauthorized access to the vulnerable devices.

Such flaws in Bluetooth protocols enable the threat actors to steal sensitive data, eavesdrop on communications, and execute malicious actions.

A cybersecurity specialist, Marc Newlin, recently discovered a new Bluetooth vulnerability that enables threat actors to take over iOS, Android, Linux, and MacOS devices.

Also Read: 10 Best Zero Trust Security Vendors – 2024

Bluetooth Vulnerabilities in Android, Linux, macOS, iOS

The threat actors can exploit the new vulnerability without user confirmation to pair an emulated Bluetooth keyboard and inject keystrokes.

Here below, we have mentioned all the vulnerabilities that are discovered by security researchers and affect the iOs, Android, Linux, and macOS:-

HID devices use reports for communication by covering input (keypresses, mouse actions), output (commands, state changes), and feature reports (device settings). 

These reports are transport-agnostic, reaching the host via USB or Bluetooth. As the Bluetooth HID employs L2CAP sockets with port 17 for HID Control (feature reports, high latency) and port 19 for HID Interrupt (input/output reports, low latency). 

Document
Best Enterprise Remote Access Software 2024

Secure, Lightning Fast Remote Access with Perimeter 81

Whether your team is working from home or on the go, ensure their process for getting access to critical corporate resources is simple, secure, and fast.

An established Bluetooth HID link requires connections to both ports. Keyboard connection to ports 17 and 19 involves pairing and establishing a link key for data encryption, with bonding saving the key. 

Meanwhile, out-of-band pairing enables pairing and bonding through non-Bluetooth channels like NFC or USB. Pairing Capability defines authentication mechanisms supported by hosts or peripherals.

Affected Linux Distributions

Here below, we have mentioned all the affected Linux distributions:-

  • Ubuntu
  • Debian
  • Redhat
  • Amazon Linux
  • Fedora
  • Gentoo
  • Arch
  • OpenEmbedded
  • Yocto
  • NixOS

Vulnerable devices allow pairing without user confirmation by supporting unauthenticated keyboard pairing. 

Successful forced pairing and keystroke injection hinge on host discoverability, NoInputNoOutput pairing capability, and access to L2CAP ports 17 and 19. 

Linux and Android expose ports when discoverable, while macOS, iOS, and Windows restrict access to known peripherals. Attacks on Linux and Android work with most Bluetooth adapters, while macOS, iOS, and Windows require a Broadcom-based adapter.

Try Kelltron’s cost-effective penetration testing services to evaluate digital systems security. available.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.