A new Bluetooth exploit by the name of ‘BlueBorne’ allows an attacker to access any Bluetooth enabled device, even without pairing. This is a good reason to turn off Bluetooth when you’re not using it.
What Is BlueBorne?
BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode. Armis Labs has identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. Armis believes many more vulnerabilities await discovery in the various platforms using Bluetooth. These vulnerabilities are fully operational, and can be successfully exploited, as demonstrated in our research. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as Man-in-The-Middle attacks.
Please ensure that your devices are running the latest version of the operating system.
To check if your device is risk or is the devices around you are at risk, download the Armis BlueBorne Scanner App on Google Play.
What Devices Are Affected?
Android
All Android phones, tablets, and wearables (except those using only Bluetooth Low Energy) of all versions are affected by four vulnerabilities found in the Android operating system.
Google has issued a patch, it will be available for:
- Nougat (7.0)
- Marshmallow (6.0)
Windows
All Windows computers since Windows Vista are affected by the “Bluetooth Pineapple” vulnerability which allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-8628).
Microsoft is issuing security patches to all supported Windows versions at 10 AM, Tuesday, September 12. We recommend that Windows users should check with the Microsoft release here for the latest information.
iOS
All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected by the remote code execution vulnerability. This vulnerability was already mitigated by Apple in iOS 10, so no new patch is needed to mitigate it. We recommend you upgrade to the latest iOS or tvOS available.
If you are concerned that your device may not be patched, we recommend disabling Bluetooth, and minimizing its use until you can confirm a patch is issued and installed on your device.