Thursday, March 28, 2024

New Bluetooth Vulnerability Affected Millions of Devices that Allow Hackers to Steal the Encryption key

Newly discovered Bluetooth vulnerability in implemented firmware and operating system software drivers allows remote attackers could obtain the encryption key used by the vulnerable devices.

This vulnerability occurs due to Bluetooth devices are not sufficiently validated elliptic curve parameters when it used to generate public keys during a Diffie-Hellman key exchange

Encryption communication between two Bluetooth devices established by utilizes a device pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange.

Last year Critical BlueBorne Vulnerability Puts More Than 5 Billion Bluetooth Enabled Devices Under Attack.

This serious flaw leads an attacker to perform a Man-in-the-Middle attack to obtains the cryptographic keys used by the devices.

This Bluetooth Vulnerability affected the vendors such as Apple, Broadcom, Intel, Qualcomm, and possibly other hardware vendors.

How does This Bluetooth Vulnerability Works

ECDH key pair basically contains private and a public key that will be shared on both side to generate a shared Pair key and the device also should agree to use the elliptic curve parameters.

But in Some cryptographic algorithm implementation, the elliptic curve parameters are not all validated.

This leads to provide a high probability for attackers to inject the invalid public key to determine the session key.

Also once the obtain the session key, then an attacker can then passively intercept and decrypt all device messages or alter the message that is being transferred.

In other words, Bluetooth released a Statement,The researchers identified that the Bluetooth specification recommends, but does not require, that a device supporting the Secure Simple Pairing or LE Secure Connections features validate the public key received over the air when pairing with a new device. It is possible that some vendors may have developed Bluetooth products that support those features but do not perform public key validation during the pairing procedure. In such cases, connections between those devices could be vulnerable to a man-in-the-middle attack that would allow for the monitoring or manipulation of traffic. 

To perform a successful attack, both pairing devices should be within wireless range of two vulnerable Bluetooth devices.

Later attacker device will intercept both pairing devices by blocking the transmission and ending an acknowledgment to the sending device, and then be injecting the malicious packet to the receiving device.

Important Note is that the attack will not be successful If only one device had the vulnerability.

Bluetooth Vulnerability Affected Vendor Information 

This Bluetooth Vulnerability (CVE-2018-5383) has been notified to all the above-affected vendors. you can see here all the vendors security updates for this Bluetooth vulnerability.

VendorStatusDate NotifiedDate Updated
AppleAffected18 Jan 201823 Jul 2018
BroadcomAffected18 Jan 201819 Jun 2018
IntelAffected18 Jan 201823 Jul 2018
QUALCOMM IncorporatedAffected18 Jan 201806 Feb 2018
MicrosoftNot Affected06 Feb 201820 Jul 2018
Android Open Source ProjectUnknown18 Jan 201818 Jan 2018
Bluetooth SIGUnknown06 Feb 201806 Feb 2018
GoogleUnknown19 Mar 201819 Mar 2018
Linux KernelUnknown05 Mar 201805 Mar 2018
Website

Latest articles

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles