Bluetooth Security Flaw Leaves Millions Of Devices Vulnerable To Data Attack

Researchers recently discovered a major security flaw in Bluetooth that leaves devices vulnerable to data breach. Millions of devices are said to be at risk of an attack.

Bluetooth Security Flaw

A research team at Center for IT-Security, Privacy, and Accountability (CISPA) recently published a report detailing a Bluetooth security flaw that they discovered may be exploited in a malicious attack. The flaw allows a potential attacker to interfere while two devices are trying to connect via Bluetooth, allowing the attacker to essentially break the Bluetooth security without being detected.

This means that the attacker could then have access to the data from any of the connected devices as long as they are in range. For instance, they could have access to the music one listens to, or to the very words that they type on a Bluetooth keyboard.

“The Key Negotiation Of Bluetooth (KNOB) attack exploits a vulnerability at the architectural level of Bluetooth. The vulnerable encryption key negotiation protocol endangers potentially all standard-compliant Bluetooth devices, regardless their Bluetooth version number and implementation details,” the researchers wrote.

KNOB

The researchers are calling the flaw Key Negotiation of Bluetooth (KNOB) because the exploitation happens when two devices are trying to connect. Upon checking more than 14 Bluetooth chips from popular manufacturers such as Qualcomm, Apple, and Intel, researchers discovered that all the tested devices are vulnerable to attacks.

There is so far no evidence that the vulnerability has been used for malicious attacks, but companies such as Apple and Intel have already implemented a security upgrade. For people who are concerned about this vulnerability, the best course of action to take to protect their data and devices is to always keep their security, software, and firmware up to date.

“As always, Bluetooth users should ensure they have installed the latest recommended updates from device and operating system manufacturers,” said Bluetooth SIG in a Security Warning regarding the discovery. Bluetooth SIG is the international body that is responsible for standards for Bluetooth connections.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics