Researchers from Singapore University of Technology and Design have discovered 16 vulnerabilities in Bluetooth protocols. Vulnerabilities can be used to perform denial of service, cause hardware crashes and freeze audio devices.
Researchers Investigation Thirteen different Bluetooth devices with Bluetooth chips from dozens of different manufacturers including Intel and Qualcomm. The lowest was the Bluetooth 3.0 version number, and the highest was 5.2. They discovered sixteen new vulnerabilities and twenty already known vulnerabilities. Some devices do not operate according to the guidelines and specifications of the Bluetooth standard.
Vulnerabilities allowed researchers Executing arbitrary code It works on smart home devices that run on the affected chipsets. It was also possible denial of serviceAttack on laptops and smartphones, and freeze Bluetooth audio devices. According to researchers, at least 1,400 products contain these vulnerabilities.
“The vulnerabilities exist because some of the standards, and the protocols associated with them, were not adhered to,” the researchers say. To protect yourself, researchers are currently referring to the use of Bluetooth in public places. It appears that “Vulnerabilities exist in the Bluetooth Classic protocol, so a potential hacker must be within range of a Bluetooth antenna to carry out the attacks. It is recommended to know your surroundings when using Bluetooth.” Researchers also recommend that List of infected chips and install patches as they become available.
If patches are not available or provided by the manufacturers, it is recommended that Bluetooth be used as little as possible on these devices. To be absolutely sure whether vulnerabilities are present on the device or not, researchers point to a proof of concept Which will be published on October 20. More details will be released there.
The 16 vulnerabilities were reported to chip manufacturers including Intel, Qualcomm, Texas Instruments, Infineon, Espressif, Bluetrum Technology and Silicon Labs. It has been reported that Bluetrum Technology, Espressif and Infineon have already released patches. Intel, Qualcomm, Actions and Zhuhai Jieli Technology are said to be investigating some of the vulnerabilities. According to the researchers, manufacturer Harman International and SiLabs have not responded as of press time.
