BlueBorne: bluetooth attack
A vulnerability called BlueBorne has been found that can be exploited without the user interacting in any way with the device, just simply bluetooth is active.
Potentially, the risk is in the order of 8 billion devices of every kind, from ordinary computers to phones, IoT devices such as TVs, watches and cars, refrigerators and medical devices with bluetooth support.
Eight vulnerabilities in the Bluetooth protocol have been identified that can be exploited as part of an attack:
- Linux kernel RCE vulnerability – CVE-2017-1000251
- Linux Bluetooth stack (BlueZ) information Leak vulnerability – CVE-2017-1000250
- Android information Leak vulnerability – CVE-2017-0785
- Android RCE vulnerability #1 – CVE-2017-0781
- Android RCE vulnerability #2 – CVE-2017-0782
- The Bluetooth Pineapple in Android – Logical Flaw CVE-2017-0783
- The Bluetooth Pineapple in Windows – Logical Flaw CVE-2017-8628
- Apple Low Energy Audio Protocol RCE vulnerability – CVE-2017-14315
What Devices Are Affected?
Android
All Android phones, tablets, and wearables (except those using only Bluetooth Low Energy) of all versions are affected by four vulnerabilities found in the Android operating system, two of which allow remote code execution (CVE-2017-0781 and CVE-2017-0782), one results in information leak (CVE-2017-0785) and the last allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-0783). See the Android Security Bulletin-September 2017
There’s an app on Google Play to control this vulnerability (search “BlueBorne”)
Windows
All Windows computers since Windows Vista are affected by the “Bluetooth Pineapple” vulnerability which allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-8628).
Microsoft is issuing security patches to all supported Windows.
Linux
All Linux devices running BlueZ are affected by the information leak vulnerability (CVE-2017-1000250).
All Linux devices from version 3.3-rc1 (released in October 2011) are affected by the remote code execution vulnerability (CVE-2017-1000251).
IOS
All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected by the remote code execution vulnerability. This vulnerability was already mitigated by Apple in iOS 10, so no new patch is needed to mitigate it.
Of course at this time, if you are not sure about the installed patch, you should turn off bluetooth
For more information sea https://www.armis.com/blueborne/