Researchers from the Singapore University of Technology and Design have detailed a new Bluetooth vulnerability called 'BrakTooth' that they say can leave billions of smart devices around the world vulnerable to Denial-of-Service (DoS) and arbitrary code execution (ACE). Bluetooth vulnerabilities are particularly alarming given the scope and scale of the problem, but unfortunately, such problems are not exactly uncommon. Late last year, a Tesla Model X was reportedly hacked using Bluetooth in less than two minutes.
BrakTooth is just the latest vulnerability affecting Bluetooth stacks implemented on system-on-chip (SoC) circuits from leading vendors, and it follows other worrying Bluetooth flaws, including the high-profile BLURtooth vulnerability that was discovered and detailed in 2020. Another notable Bluetooth bug discovered last year was a Bluetooth Low Energy (BLE) vulnerability that allows spoofing attacks and affected billions of IoT devices, including Android smartphones.
As for BrakTooth, it comprises a total of 16 different vulnerabilities in devices that use Bluetooth Classic (BT) for communication. According to the research paper, the bugs affect at least 1,400 embedded chip components and can lead to a slew of different types of attacks, including denial of service (DoS) via firmware crashes. Speaking of crashes, BrakTooth is a portmanteau of 'brak' and 'tooth'. While the latter obviously comes from Bluetooth, the former is actually Norwegian for 'crash', and hence the name. Meanwhile, at least one of the bugs detailed by the researchers can also reportedly lead to arbitrary code execution, which means a bad actor could potentially run nefarious software on an affected device.
The report further warns that because the same code is often shared across many products, it is quite possible that a whole host of devices beyond the estimated 1,400 could be affected by the vulnerabilities. At its most severe, malicious actors can exploit these vulnerabilities to carry out DoS attacks via firmware crashes and deadlocks, while at the very least, these bugs can be exploited to crash Bluetooth devices and make them virtually inoperable.
Some of the leading consumer-facing devices and brands affected by BrakTooth include the Dell Optiplex 5070, the Alienware M17 R3 (among other models), as well as several devices in Microsoft's Surface lineup, including the Surface Laptop 3, Surface Go 2, Surface Pro 7 and Surface Book 3. Some of the affected smartphones include Xiaomi's Pocophone F1, Sony's Xperia XZ2, Oppo's Reno 5G, and more. A whole host of other devices are also said to be affected, including Bluetooth audio players, soundbars, automotive infotainment systems, and even aircraft entertainment hardware.
The researchers say that all the vulnerabilities have already been reported to the respective vendors, and several have already been patched. While Espressif Systems, Infineon (Cypress), and Bluetrum Technology have already issued patches to mitigate the issue, Intel, Qualcomm, and Zhuhai Jieli Technology are working to push out patches to mitigate at least some of the bugs. However, not all vendors plan to patch all flaws. Qualcomm will only issue patches for some of the flaws, while Texas Instruments says it doesn't have any plans to fix the vulnerabilities in its chips. The company is said to have issued a statement saying it will only consider producing a patch if demanded by customers.
Source: Singapore University of Technology and Design
from ScreenRant - Feed https://ift.tt/3tnOCkN