    Android Bluetooth Vulnerability Allows Exploit Without User Interaction
    Heard about this on the Security Now Podcast, SN753

    "STEVE: So against 9.0 Pie and Oreo, Pie and Oreo 8.0, 8.1, and 9.0. The researcher said that a remote attacker within Bluetooth range can silently execute arbitrary code with the privilege of the Bluetooth Daemon, and it runs in the kernel. The flaw is worrisome because no additional interaction is required, and only the Bluetooth MAC address of the target device needs to be known to launch an attack.

    Okay. So, well, there are a couple reasons that's not comforting, because it turns out that for many devices the Bluetooth MAC address can be deduced from the WiFi MAC address. They're often sequential. And so WiFi is easily known. It's being broadcast by the smartphone's WiFi. So obtaining the Bluetooth MAC address is probably a matter of adding or subtracting one, depending upon which phone you're using, and maybe they're all the same. I haven't looked.

    The same vulnerability does impact Google's most recent Android v10. However, with Android 10, the severity rating is dropped to moderate rather than critical because the impact is not a remote code execution as a consequence of other changes made in Android 10. It will crash the Bluetooth daemon, but it won't give you remote code execution access. And they did not test any Android versions older than 8. So we don't know either way whether those may be affected. The flaw's discoverers said they are confident all patches - they said, sorry, once they are "confident" - and I put "confident" in quotes in the show notes because you'll see where I'm going - all patches have reached the end users, they will publish a technical report on the flaw that includes a description of the exploit as well as proof of concept code."
     
  1. Dannydet

    Dannydet Extreme Android User

    Time to keep my Bluetooth off...
     
  2. svim

    svim Extreme Android User

    Yes this is troubling but it needs to be noted that Android Bluetooth has had numerous exploits revealed every year going back several years:
    https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=android+bluetooth
    ..... and this just includes what has been found and revealed; odds are there are more that just haven't been exposed yet, if ever.
    Unfortunately most people aren't aware of this and those who are tend to opt for the convenience of wirelessly connecting peripherals over security anyway.
     
  3. Dannydet

    Dannydet Extreme Android User

    Time to keep my Bluetooth on...
     