Over the past couple of years, we’ve written about several Bluetooth security flaws revealing the fragility of the magic that allows us to pair devices without wires. Security researchers recently found a new set of vulnerabilities that can crash, freeze, or take complete control over billions of devices, but this time it’s not about an issue with the Bluetooth standard itself. Instead, this is the result of poorly implemented device firmware that may or may not get patched in the near future.
Recently, security researchers at the Singapore University of Technology and Design published a report on a new set of security vulnerabilities in the Bluetooth software stacks of several commercial products.
The 16 flaws are collectively referred to as “BrakTooth,” and create a wide attack surface of billions of devices around the world that incorporate chips from popular vendors like Intel, Infineon (Cypress), Silicon Labs, Qualcomm, and others.
There are over 1,400 devices known to have one or more of the flaws, including Microsoft’s Surface Book 3, Surface Laptop 3, Surface Pro 7, Surface Go 2, several Dell Optiplex desktops and Alienware laptops, quite a few Asus and HP ultrabooks, as well as phones like the Xperia XZ2, Oppo Reno 5G, and the Pocophone F1. Industrial IoT systems based around Espressif Systems’ ESP32 and Qualcomm’s CSR8811 chipsets are also affected, as are a variety of PC and phone wireless accessories, smart home devices, and car infotainment systems.
Researchers are worried that some vendors aren’t exactly willing to fix all these issues, which would be an admittedly arduous task. That said, the impact does vary from one device to the next, with the worst vulnerability being CVE-2021-28139, as it allows an attacker to run arbitrary code on the target device. Some devices are only vulnerable to denial-of-service attacks that either crash the chipset firmware or bring the device into a deadlock condition that disrupts Bluetooth communication; however, this can usually be solved with a simple restart.
To be clear, the 16 flaws don’t impact the Bluetooth standard itself but rather the various implementations made by chipset vendors. And since additional patches are still on the way for some of the affected devices, researchers have delayed the release of their proof-of-concept exploits until next month. For an in-depth read on BrakTooth and updates on patching progress, be sure to check the dedicated website.
As for how to mitigate the issues, there isn’t much you can do besides turning off Bluetooth when not in use and installing any security updates for your devices as they become available.