Bluetooth vulnerabilities in Android, Linux, macOS, iOS, and Windows are critical as hackers could exploit them to gain unauthorized access to the vulnerable devices.
Such flaws in Bluetooth protocols enable the threat actors to steal sensitive data, eavesdrop on communications, and execute malicious actions.
A cybersecurity specialist, Marc Newlin, recently discovered a new Bluetooth vulnerability that enables threat actors to take over iOS, Android, Linux, and MacOS devices.
The threat actors can exploit the new vulnerability without user confirmation to pair an emulated Bluetooth keyboard and inject keystrokes.
Here below, we have mentioned all the vulnerabilities that are discovered by security researchers and affect the iOs, Android, Linux, and macOS:-.
HID devices use reports for communication by covering input, output, and feature reports.
These reports are transport-agnostic, reaching the host via USB or Bluetooth.
As the Bluetooth HID employs L2CAP sockets with port 17 for HID Control and port 19 for HID Interrupt.
Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month.
An established Bluetooth HID link requires connections to both ports.
Keyboard connection to ports 17 and 19 involves pairing and establishing a link key for data encryption, with bonding saving the key.
Out-of-band pairing enables pairing and bonding through non-Bluetooth channels like NFC or USB. Pairing Capability defines authentication mechanisms supported by hosts or peripherals.
Vulnerable devices allow pairing without user confirmation by supporting unauthenticated keyboard pairing.
Successful forced pairing and keystroke injection hinge on host discoverability, NoInputNoOutput pairing capability, and access to L2CAP ports 17 and 19.
Linux and Android expose ports when discoverable, while macOS, iOS, and Windows restrict access to known peripherals.
Attacks on Linux and Android work with most Bluetooth adapters, while macOS, iOS, and Windows require a Broadcom-based adapter.
Try Kelltron's cost-effective penetration testing services to evaluate digital systems security.
This Cyber News was published on cybersecuritynews.com. Publication date: Sun, 21 Jan 2024 04:10:04 +0000