BRAKTOOTH – 16 New Bluetooth Bugs Let Hackers Execute Arbitrary Code & DDoS on Millions of Devices

Bluetooth Classic protocol is prevalent for laptop and audio devices. This is mainly discovered for several critical vulnerabilities.  As per the report, BrakTooth is a family of a new security vulnerability.

These are reported to the respective vendors, which are already patched. BrakTooth vulnerability had already received the bug bounty from the Espressif System and Xiaomi. It affects more than 1400 product listings.

Why BrakTooth

It is a combination of two words Brak and Tooth. This is directly indicating the Bluetooth targets. In this Bluetooth enable the device continuously and crash them.

Attack Scenario Overview:

In this, they will show you how to perform when a BreakTooth attack happens. Due to some vendor issue, it has released at the end of October 2021.

Affected BT BR/EDR chipsets

As per the report, vulnerabilities get categorized in two ways crashes and deadlock. Crashes trigger the fatal assertion and segmentation work is false due to overflow. It targets the device with BT communication which includes BT speakers, toys, keyboards, etc. With all discovered vulnerabilities, they are responsible for few disclosure processes, and everything has to be reached out at least 90 days. In this, they are actively helping the vendors who are producing the patches with the various processes.

Impact of BrakTooth:

Here they have created a different concrete attack that leveraging the BrakTooth vulnerability. This includes Arbitrary Code Execution, Laptops, and Smartphones, freezing audio products, estimating the scope, and much more.

BT Firmware Patches:

Here the above table says the status of the investigation, which is categorized in the following form:

  1. Available: As per the vendor, it is a replicate of vulnerability and patch.
  2. Patch in progress: Here they have successfully replicated the vulnerability and patch simultaneously, and this will be available soon.
  3. Investigation in progress: The vendor is investigating the security issue where the team will assist.
  4. No fix: This vendor can successfully replicate the issue where they do not have any plan to release the patch.
  5. Pending: Vendor has communicated with the team, and it has the status of the investigation, which is unclear.

The vendor called Texas instrument successfully replicate the security issue, and till this stage, they have no plan to produce the patch. If customers demand, they will consider producing the patch.

Sniffing BT BR/EDR in less than $15:

In this, they are releasing the community, which is in a low-cost BT Classic, which is available readily.


The BreakTooth family vulnerability revisits the reasserts issue if it is old; they heavily use the Bluetooth classic protocol, which sheds light on the future research of Bluetooth security.

Vulnerabilities Description:

In this, they have described in detail description every vulnerability affected on the system-on-chip model in detail. As a result, there are few vulnerabilities that gets discovered while testing the development kits and detect the final products.

PoC Tool Availbility

PoC tool is available to download where the vendors produce the BT SoCs products. As per the report, the user needs to fill a simple form that requires basic information like job role, valid email, organization, etc. Here detailed instruction has given which exploit the target device.

Follow us on LinkedinTwitterFacebook for daily Cybersecurity News & Updates


Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.

Recent Posts

WhatsApp Secret Code Feature Lets Users Set Unique Locked Chat Passwords

WhatsApp has announced the rollout of a new feature to safeguard sensitive conversations. The Secret…

2 mins ago

SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…

12 hours ago

Is Your Online Store Hacked in a Carding Attack? Here’s an Action Plan to Protect

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…

15 hours ago

Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…

16 hours ago

New Android Malware Employs Various Tactics to Deceive Malware Analyst

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…

18 hours ago

DJvu Ransomware Mimic as Cracked Software to Compromise Computers

A recent campaign has been observed to be delivering DJvu ransomware through a loader that…

19 hours ago