A group of researchers has discovered a critical Bluetooth vulnerability that leaves tons of wireless devices exposed to digital intrusions. The Bluetooth SIG, an organization that oversees the technology’s standards, has issued a security notice for what the researchers are calling Key Negotiation of Bluetooth or KNOB attack. It gives bad actors the ability to interfere with the Bluetooth pairing procedure, allowing them to make the connection’s encryption key shorter than what it’s supposed to be. That makes it easy for attackers to brute force their way into the connection and be able to spy on data shared between devices, such as between a phone and a speaker or a phone and another phone.
The fact that attackers can exploit the flaw even for devices that had been previously paired makes it even worse. According to the paper the researchers published, the vulnerability affects devices that use Bluetooth BR/EDR (or Bluetooth Classic) connection. The attack will only work if both devices establishing a connection have the vulnerability. That said, all the Bluetooth chips the researchers tested were vulnerable. KNOB’s official website says:
“The KNOB attack is possible due to flaws in the Bluetooth specification. As such, any standard-compliant Bluetooth device can be expected to be vulnerable. We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices). At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers. All devices that we tested were vulnerable to the KNOB attack.”
Tech giants like Apple and Microsoft have already rolled out patches to fix the flaw, and the Bluetooth Core Specification has been changed to require a minimum encryption key length. For those measures to work against what the researchers say is “a serious threat to the security and privacy of all Bluetooth users,” though, people must update their devices when a fix becomes available.
Author: Mariella Moon
Source: GSMArena bluetooth, gear, knob attack, security