Quote:A high-severity Bluetooth vulnerability has been uncovered, which could enable an unauthenticated attacker within wireless range to eavesdrop or alter communications between paired devices.
The flaw (CVE-2020-15802), discovered independently by researchers at the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University, is being referred to as “BLURtooth.” The issue exists in the pairing process for Bluetooth 4.0 through 5.0 implementations. This pairing process is called Cross-Transport Key Derivation (CTKD).
“Devices… using [CTKD] for pairing are vulnerable to key overwrite, which enables an attacker to gain additional access to profiles or services that are not restricted, by reducing the encryption key strength or overwriting an authenticated key with an unauthenticated key,” according to a security advisory on Wednesday by the Carnegie Mellon CERT Coordination Center.
There are two types of Bluetooth protocols related to the attack – the older Bluetooth Classic (also known as Bluetooth Basic Rate/Enhanced Data Rate, or BR/EDR) and newer Bluetooth Low Energy (BLE). While BR/EDR are mainly used for audio applications such as wireless telephone connections, wireless headphones and wireless speakers, BLE is more often seen in wearable devices, smart IoT devices, fitness monitoring equipment and battery-powered accessories such as a keyboard.
Read more: https://threatpost.com/bluetooth-bug-mit...ks/159124/
![[-]](https://www.geeks.fyi/images/collapse.png)
