Bluetooth Vulnerabilities One More Time

Researchers have reported 16 new vulnerabilities discovered in Bluetooth software libraries that could lead to various consequences if exploited. Daniil Chernov, Chief Technical Officer, DerSecur LTD., explains the real risks of such exposure.

Some vulnerabilities can trigger a denial of service (DoS) error, in which case Bluetooth on the device will stop working. Sometimes, the problem can be solved by turning Bluetooth off and on. This error can be critical in cases like home security systems with sensors exchanging data via Bluetooth. However, for devices such as wireless headphones or smartwatches, DoS error is not a serious threat.

According to research, arbitrary code can be executed in some cases. This means that in special cases and under certain circumstances, specialists managed to execute some code, although this does not necessarily provide complete control over the device.

Certain vendors with devices exposed to some discovered vulnerabilities have already released security patches to protect users, while others said they would do so if requested by customers.

The technology landscape is so complex now that the constant detection of new vulnerabilities is unavoidable: hopefully by information security researchers first, but possibly by attackers. Therefore, you should keep basic cyber hygiene rules in mind, especially turning off Bluetooth when not in use. The good news is that such attacks cannot be performed on a large scale as they require the physical presence of a hacker within Bluetooth range.