CyberSecurityBoard
Sponsor Register Login

Bluetooth Flaw Let Hackers Takeover of iOS & Android Devices

Bluetooth vulnerabilities in Android, Linux, macOS, iOS, and Windows are critical as hackers could exploit them to gain unauthorized access to the vulnerable devices.
Such flaws in Bluetooth protocols enable the threat actors to steal sensitive data, eavesdrop on communications, and execute malicious actions.
A cybersecurity specialist, Marc Newlin, recently discovered a new Bluetooth vulnerability that enables threat actors to take over iOS, Android, Linux, and MacOS devices.
The threat actors can exploit the new vulnerability without user confirmation to pair an emulated Bluetooth keyboard and inject keystrokes.
Here below, we have mentioned all the vulnerabilities that are discovered by security researchers and affect the iOs, Android, Linux, and macOS:-.
HID devices use reports for communication by covering input, output, and feature reports.
These reports are transport-agnostic, reaching the host via USB or Bluetooth.
As the Bluetooth HID employs L2CAP sockets with port 17 for HID Control and port 19 for HID Interrupt.
Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month.
An established Bluetooth HID link requires connections to both ports.
Keyboard connection to ports 17 and 19 involves pairing and establishing a link key for data encryption, with bonding saving the key.
Out-of-band pairing enables pairing and bonding through non-Bluetooth channels like NFC or USB. Pairing Capability defines authentication mechanisms supported by hosts or peripherals.
Vulnerable devices allow pairing without user confirmation by supporting unauthenticated keyboard pairing.
Successful forced pairing and keystroke injection hinge on host discoverability, NoInputNoOutput pairing capability, and access to L2CAP ports 17 and 19.
Linux and Android expose ports when discoverable, while macOS, iOS, and Windows restrict access to known peripherals.
Attacks on Linux and Android work with most Bluetooth adapters, while macOS, iOS, and Windows require a Broadcom-based adapter.
Try Kelltron's cost-effective penetration testing services to evaluate digital systems security.


This Cyber News was published on cybersecuritynews.com. Publication date: Sun, 21 Jan 2024 04:10:04 +0000


Cyber News related to Bluetooth Flaw Let Hackers Takeover of iOS & Android Devices

Unraveling the Wonders of Bluetooth - Continuing its evolution, Bluetooth 3.0 + HS arrived in 2009, introducing the concept of Bluetooth High Speed, leveraging Wi-Fi technology for faster data transfer over short distances. Bluetooth 4.0, introduced in 2010, marked a significant ...
1 year ago Feeds.dzone.com
CVE-2022-49910 - In the Linux kernel, the following vulnerability has been resolved: ...
7 months ago
CVE-2023-53057 - In the Linux kernel, the following vulnerability has been resolved: ...
7 months ago
Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover - Attackers can exploit a critical Bluetooth security vulnerability that's been lurking largely unnoticed for years on macOS, iOS, Android, and Linux device platforms. The keystroke injection vulnerability allows an attacker to control the targeted ...
1 year ago Darkreading.com CVE-2023-45866
CVE-2023-53252 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
Bluetooth Flaw Let Hackers Takeover of iOS & Android Devices - Bluetooth vulnerabilities in Android, Linux, macOS, iOS, and Windows are critical as hackers could exploit them to gain unauthorized access to the vulnerable devices. Such flaws in Bluetooth protocols enable the threat actors to steal sensitive data, ...
1 year ago Cybersecuritynews.com
CVE-2025-21969 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago
CVE-2024-49950 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949 Read of size 8 ...
1 year ago Tenable.com
CVE-2021-47038 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hci_dev->lock and socket lock Commit eab2404ba798 ("Bluetooth: Add BT_PHY socket option") added a dependency between socket lock and hci_dev->lock ...
1 year ago Tenable.com
New BLUFFS attack lets attackers hijack Bluetooth connections - Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle attacks. Daniele Antonioli, who discovered the attacks, ...
2 years ago Bleepingcomputer.com CVE-2023-24023
Undocumented commands found in Bluetooth chip used by a billion devices - Armed with this new tool, which enables raw access to Bluetooth traffic, Tarlogic discovered hidden vendor-specific commands (Opcode 0x3F) in the ESP32 Bluetooth firmware that allow low-level control over Bluetooth functions. "Tarlogic Security ...
8 months ago Bleepingcomputer.com
CVE-2025-39983 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
'Wall of Flippers' detects Flipper Zero Bluetooth spam attacks - A new Python project called 'Wall of Flippers' detects Bluetooth spam attacks launched by Flipper Zero and Android devices. By detecting the attacks and identifying their origin, users can take targeted protection measures, and culprits can ...
1 year ago Bleepingcomputer.com
CVE-2025-39982 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
CVE-2025-39981 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
Flipper Zero Bluetooth spam attacks ported to new Android app - Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to implement these annoying spam alerts. Inspired by previous research on the topic and Flipper Zero applets targeting iOS ...
2 years ago Bleepingcomputer.com Rocke
BadBox malware disrupted on 500K infected Android devices - The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. HUMAN says it also discovered 24 Android apps in the official app store, ...
8 months ago Bleepingcomputer.com
CVE-2024-53208 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ================================================================== BUG: KASAN: ...
11 months ago Tenable.com
Apple 'Find My' network can be abused to steal keylogged passwords - Apple's "Find My" location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards. The Find My network and application is designed to help users locate lost or misplaced ...
2 years ago Bleepingcomputer.com
Bluetooth Security Flaw Strikes Apple, Linux, and Android Devices - Vulnerabilities in the constantly changing technology landscape present serious risks to the safety of our online lives. A significant Bluetooth security weakness that affects Apple, Linux, and Android devices has recently come to light in the ...
1 year ago Cysecurity.news CVE-2023-45866
CVE-2024-58013 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked - Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but ...
2 years ago Bleepingcomputer.com CVE-2023-20198
Bluetooth Vulnerabilities Let Hackers Spy on Your Headphones and Earbuds - The vulnerabilities, identified by cybersecurity researchers at ERNW, affect devices using Airoha Systems on a Chip (SoCs) and impact popular brands including Sony, Marshall, Beyerdynamic, and Bose. These flaws expose a powerful custom protocol ...
5 months ago Cybersecuritynews.com
Undocumented backdoor found in Bluetooth chip used by a billion devices - "In a context where you can compromise an IOT device with as ESP32 you will be able to hide an APT inside the ESP memory and perform Bluetooth (or Wi-Fi) attacks against other devices, while controlling the device over Wi-Fi/Bluetooth," explained the ...
8 months ago Bleepingcomputer.com
New Bluetooth Vulnerability Leak Your Passcode to Hackers During Pairing - To mitigate this risk, Bluetooth Core Specification 5.4 advises that devices should fail a pairing procedure if a peer’s public key X coordinate matches that of the local device, except when a debug key is used. This vulnerability, known as ...
1 year ago Cybersecuritynews.com CVE-2020-26558

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)