- Linux kernel RCE vulnerability – CVE-2017-1000251
- Linux Bluetooth stack (BlueZ) information leak vulnerability – CVE-2017-1000250
- Android information leak vulnerability – CVE-2017-0785
- Android RCE vulnerability #1 – CVE-2017-0781
- Android RCE vulnerability #2 – CVE-2017-0782
- The Bluetooth Pineapple in Android – Logical Flaw – CVE-2017-0783
- The Bluetooth Pineapple in Windows – Logical Flaw – CVE-2017-8628
- Apple Low Energy Audio Protocol RCE vulnerability – CVE-2017-14315
“The BlueBorne attack vector has several stages. First, the attacker locates active Bluetooth connections around him or her. Devices can be identified even if they are not set to “discoverable” mode. Next, the attacker obtains the device’s MAC address, which is a unique identifier of that specific device. By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly. The attacker will then exploit a vulnerability in the implementation of the Bluetooth protocol in the relevant platform and gain the access he needs to act on his malicious objective. At this stage the attacker can choose to create a Man-in-The-Middle attack and control the device’s communication, or take full control over the device and use it for a wide array of cybercriminal purposes.”

https://www.youtube.com/watch?v=Az-l90RCns8

Researchers warn that BlueBorne could potentially affect all devices with Bluetooth capabilities, an estimated 8.2 billion devices today. The researchers worked closely with Google, Microsoft, Apple, Samsung and Linux to ensure a safe, secure and coordinated response to the vulnerabilities identified.

Lamar Bailey, director of security research and development at Tripwire, stressed that the BlueBorne vulnerabilities are a good reason why IT security teams should treat Bluetooth like any open port. "[The best] mitigation is to turn it off, unless you must have it," Bailey told Dark Reading. "Use wired devices when possible," especially around sensitive data, he said.