Several security researchers from the Singapore University of Technology and Design are warning of 16 new Bluetooth vulnerabilities that affect audio devices, Microsoft’s Surface series and many smart home and IoT devices. Security updates have already been released, but as things currently stand, not all manufacturers plan to provide patches.
DoS and malicious code attacks
In a detailed article, the researchers explain that the Bluetooth standards 3.0 to 5.2 are affected by the vulnerabilities. They also list the affected Bluetooth SoCs from Intel, Qualcomm and others. They named the vulnerabilities BrakTooth. Brak is Norwegian and means noise.
In keeping with the name, attackers could permanently crash Bluetooth SoCs through DoS attacks. In some cases it is even conceivable that malicious code could be executed. Severity ratings for the vulnerabilities are still pending.
To attack vulnerable devices, Bluetooth must be active and the attacker must be within radio range. Under these conditions, the researchers were able to attack devices using an ESP32 development kit with modified firmware, connected to a computer running the PoC.
According to their own statements, they were able to attack a vulnerable ESP32 SoC, which is used in many IoT devices. Because of a missing check in the ESP BT library, the researchers said they were able to trigger an out-of-bounds memory error and thus execute their own code.
In another case, they were able to disable the Bluetooth connection of laptops by sending crafted packets. The researchers also state that they can switch off Bluetooth speakers through successful attacks.
Patches: status quo
The security researchers report that Espressif Systems and Infineon (Cypress) have already delivered security patches. Intel has announced updates. Texas Instruments says it has reproduced the security issues, but there are currently no plans to release patches. Also problematic are the countless IoT devices that will probably never receive a patch.
It is still unclear when the patches that have already been published will reach end devices such as Microsoft’s Surface series. Owners should ensure that their devices are always up to date.