New Bluetooth Hack Affects Millions Of Major Vendor Devices

July 27, 2018

The security vulnerability is related to two Bluetooth features: Bluetooth low energy (LE), where it concerns implementations of Secure Connections Pairing in operating system software, and EDR, where it concerns implementations of Secure Simple Pairing in device firmware.

Bluetooth hacking techniques have been tried since the technology was released back on May 20th, 1998, and they continue to become more and more effective.

A highly critical cryptographic vulnerability has been found in Bluetooth implementations. It could allow an unauthenticated attacker in physical proximity of the targeted devices to intercept, monitor or manipulate the traffic they exchange.

Tracked as CVE-2018-5383, the vulnerability affects the firmware or operating system of devices from major vendors including Apple, Intel, Broadcom, and Qualcomm, while the implications of the bug for Google, Android and Linux are still unknown. A warning from the U.S. Computer Emergency Response Team described the vulnerability as the result of a missing check on keys during the process of encrypting data sent over Bluetooth connections.

How Does the Bluetooth Hack Work?

Researchers from the Israel Institute of Technology discovered that secure pairing does not require devices that support the two features to validate the public encryption key received over the air.

Some vendors’ Bluetooth products supporting the two features don’t sufficiently validate elliptic curve parameters used to generate public keys during the Diffie-Hellman key exchange.

Remote attackers within the range of targeted devices during the pairing process can launch a man-in-the-middle attack to obtain the cryptographic key used by the device, allowing them to potentially snoop on supposedly encrypted device communication to steal data over-the-air, and inject malware.
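The missing check described above, shown as an added example (not code from the researchers, the Bluetooth SIG or any vendor): validating a received Diffie-Hellman public key before it is used. It assumes the NIST P-256 curve and a 64-byte X||Y little-endian key encoding, neither of which is stated in this article; the function and exception names are hypothetical, and the sample keys are constructed.

```python
# Added example: validate a peer's ECDH public key on NIST P-256 before use.
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff  # field prime
A = P - 3  # curve coefficient a = -3 (mod P)
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296  # base point x
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5  # base point y

class InvalidPublicKey(ValueError):
    """Peer key failed validation; the pairing attempt must be aborted."""

def decode_public_key(raw, byteorder="little"):
    """Split a 64-byte X||Y blob into integers (the encoding is an assumption)."""
    if len(raw) != 64:
        raise InvalidPublicKey("expected 64 bytes, got %d" % len(raw))
    return int.from_bytes(raw[:32], byteorder), int.from_bytes(raw[32:], byteorder)

def validate_public_key(x, y):
    """Raise InvalidPublicKey unless (x, y) is a point on P-256."""
    # Both coordinates must be reduced field elements.
    if not (0 <= x < P and 0 <= y < P):
        raise InvalidPublicKey("coordinate out of range")
    # The curve equation y^2 = x^3 + ax + b binds x and y together, so a
    # change to either coordinate in transit is caught here.
    if (y * y - (x * x * x + A * x + B)) % P != 0:
        raise InvalidPublicKey("point is not on the curve")
    # P-256 has cofactor 1, so an on-curve affine point needs no order check.

def accept_peer_key(raw, byteorder="little"):
    """Decode and validate; only a validated key may reach the ECDH step."""
    x, y = decode_public_key(raw, byteorder)
    validate_public_key(x, y)
    return x, y

def is_acceptable(raw, byteorder="little"):
    """Boolean wrapper for callers that log and drop instead of raising."""
    try:
        accept_peer_key(raw, byteorder)
        return True
    except InvalidPublicKey:
        return False

# Constructed sample inputs: the curve's base point, and the same key with one
# bit of the y-coordinate changed, as a stand-in for a key altered in transit.
GOOD = GX.to_bytes(32, "little") + GY.to_bytes(32, "little")
TAMPERED = GX.to_bytes(32, "little") + (GY ^ 1).to_bytes(32, "little")
```

A device that runs this check on every received key rejects the altered key and aborts pairing instead of deriving a shared secret from it.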

Here’s what Bluetooth SIG Security had to say:

“For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure.”

“The attacking device would need to intercept the public key exchange by blocking each transmission, sending an acknowledgment to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability, the attack would not be successful.”

Where are the fixes?

Apple issued fixes back in May with the release of iOS 11.4 and in supported macOS versions in June. For those who haven’t updated, Neumann warned: “Every iPhone device with a Broadcom or Qualcomm chip is inherently vulnerable.” That would include the latest iPhone 8 and X models.
