Kritische KNOPF Bluetooth Vulnerability betrifft Millionen Geräte
CYBER NEWS

Kritische KNOPF Bluetooth Vulnerability betrifft Millionen Geräte

1 Star2 Stars3 Stars4 Stars5 Stars (1 Stimmen, durchschnittlich: 5.00 von 5)
Loading ...

The Bluetooth SIG group has issued a security notice giving details about a major bug in the technology’s protocols. It is known as the KNOB Bluetooth vulnerability and it affects the security and privacy of millions devices, especially IOT ones.




The KNOB Bluetooth Vulnerability Is a Serious Issue Concerning Bluetooth-Enabled Devices

A team of security specialists have detected a critical threat that affects Bluetooth-enabled devices. It is known as the KNOB Bluetooth vulnerability and effectively allows malicious operators to attack target end devices while at the same time stealing sensitive encryption keys during the connection initiation process. As a consequence the criminals will be able to hijack all traffic and user interactions. All of this represents a tremendous threat to Bluetooth devices however the problem has been found to be coming from the protocol standards themselves. The security reports indicate that the issue comes from the technical specifications which were created 20 Jahre zuvor!

verbunden: Fast alle Apple-Geräte anfällig für Angriffe auf AWDL Protokoll

The KNOB Bluetooth vulnerability can be used against devices that feature the technology from v1.0 to 5.1. In short the attackers can be used to make two or more victim devices to use a single encryption key during the initial connection request. When this is done the hackers will be able to very easily brute force it actively eavesdrop on the contents. As a consequence the following malicious actions can be undertaken:

  • Surveillance of the Victims
  • Manipulation of Contents
  • Injecting Code and Data in Active Transmissions

The affected Bluetooth device owners will have no knowledge that this is done as the flaw affects them on a protocol level and there can be no notification that the hackers have accessed their data. The posted security disclosure notes that chips from all major manufacturers are affected: Intel, Apfel, Broadcom and Qualcomm.

At the moment there is no information if there are any exploits done by malicious users. To remediate this issue the Bluetooth SIG group is recommending that all manufacturers change the number of key length sizes in the Bluetooth protocol implementation in their chips and devices. This will make it significantly harder to brute force the keys. Users should expect firmware updates in the coming months that will hopefully fix the KNOB Bluetooth vulnerability.

Avatar

Martin Beltov

Martin hat einen Abschluss in Publishing von der Universität Sofia. er schreibt gerne über die neuesten Bedrohungen und Mechanismen des Eindringens Als Cyber-Security-Enthusiasten.

Mehr Beiträge - Webseite

Folge mir:
ZwitschernGoogle plus

Schreibe einen Kommentar

Ihre E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind markiert *

Frist ist erschöpft. Bitte laden CAPTCHA.

Auf Facebook teilen Teilen
Loading ...
Empfehlen über Twitter Tweet
Loading ...
Share on Google Plus Teilen
Loading ...
Share on Linkedin Teilen
Loading ...
Empfehlen über Digg Teilen
Teilen auf Reddit Teilen
Loading ...
Empfehlen über Stumbleupon Teilen
Loading ...