The Bluetooth SIG and the CERT Coordination Center at Carnegie Mellon University have recently issued warnings about a new Bluetooth flaw named BLURtooth. Attackers could use this flaw to overwrite Bluetooth authentication keys.
Impact of BLURtooth
By exploiting the BLURtooth vulnerability, an attacker can easily manipulate the CTKD component to overwrite Bluetooth authentication keys and gain privileged access, for example to Bluetooth-enabled services and apps on the targeted devices.
Security experts have marked it as one of the most severe flaws, because it allows attackers to perform several attacks, including man-in-the-middle attacks. Security experts refer to this group of attacks as the BLUR attacks.
Depending on the BLURtooth attack scenario, the threat actors can either completely overwrite the authentication keys or roll back the encryption to a weaker version.
According to the report, exploitation requires that the vulnerable device permit pairing or bonding to proceed openly, with no authentication, on one of the BR/EDR or LE transports.
This security flaw affects the Bluetooth standards from 4.0 to 5.0; Bluetooth version 5.1 already includes a fix that prevents BLURtooth from working.
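The overwrite and rollback cases described above, seen from the defending device, as an added example (not from the original article or any Bluetooth stack): a key-store guard that refuses a CTKD-derived key when it is unauthenticated or shorter than the bond it would replace. The policy, types and function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bonded-key record; all names here are illustrative. */
enum key_origin { KEY_PAIRED, KEY_CTKD };  /* paired on this transport vs. derived via CTKD */

struct link_key {
    bool present;           /* a bond already exists in this slot */
    bool authenticated;     /* produced by an authenticated (MITM-protected) pairing */
    uint8_t enc_key_size;   /* effective key size in bytes */
    enum key_origin origin;
    uint8_t value[16];
};

enum store_result { STORE_OK, REJECT_UNAUTH_OVERWRITE, REJECT_SHORTER_KEY };

/* Store `incoming` in `slot` unless it is a CTKD-derived key that would
 * weaken an existing bond. Rejected keys leave the slot untouched. */
enum store_result ctkd_store_key(struct link_key *slot, const struct link_key *incoming)
{
    if (slot->present && incoming->origin == KEY_CTKD) {
        if (slot->authenticated && !incoming->authenticated)
            return REJECT_UNAUTH_OVERWRITE;   /* key overwrite case */
        if (incoming->enc_key_size < slot->enc_key_size)
            return REJECT_SHORTER_KEY;        /* strength rollback case */
    }
    *slot = *incoming;
    slot->present = true;
    return STORE_OK;
}

int main(void)
{
    /* Constructed sample: an authenticated 16-byte bond already in the store. */
    struct link_key slot = { true, true, 16, KEY_PAIRED, {0xA5} };
    struct link_key unauth = { false, false, 16, KEY_CTKD, {0x11} };
    struct link_key shorter = { false, true, 7, KEY_CTKD, {0x22} };
    struct link_key good = { false, true, 16, KEY_CTKD, {0x33} };

    printf("unauthenticated CTKD key: %d\n", ctkd_store_key(&slot, &unauth));
    printf("shorter CTKD key:         %d\n", ctkd_store_key(&slot, &shorter));
    printf("equal-strength CTKD key:  %d\n", ctkd_store_key(&slot, &good));
    return 0;
}
```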
Key Details of The Flaw
- CVE IDs: CVE-2020-15802
- Date Public: 2020-09-09
- Date First Published: 2020-09-09
This flaw (CVE-2020-15802) relates specifically to the Cross-Transport Key Derivation (CTKD) component, which is used to set authentication keys when pairing Bluetooth devices that support both Low Energy (BLE) and Basic Rate/Enhanced Data Rate (BR/EDR).
Mitigations Recommended By the Bluetooth SIG
The Bluetooth SIG (Bluetooth Special Interest Group) is a standards organization that oversees the development of Bluetooth standards and the licensing of Bluetooth technologies and trademarks to device manufacturers.
The Bluetooth SIG has recommended a few key points to help users avoid becoming a target of the attackers:
- Quickly integrate any necessary security patches that are available.
- Make sure to install the latest recommended updates.
- For now, avoid using Bluetooth on your device unless it is necessary.
- Always check and install the security updates offered by the device and operating system manufacturers.
Apart from this, the Bluetooth SIG is currently working to inform Bluetooth device manufacturers about the problem and how to fix it. However, the group has not yet specified when the patches will be available.