BlueBorne attacks billions of devices, every device is vulnerable

Every device contains bluetooth and those running on Android, iOS, Windows and even Linux is vulnerable to the new set of wireless vulnerabilities in Bluetooth settings called as BlueBorne.

A security company name Armis is the first one to find out all eight separate Bluetooth wireless protocol flaws. The Blueborne requires only a Bluetooth connection with the attacking device or even be in the discovery mode.

Armis CEO Yevgeny Dibrov explained: " These silent attacks are invisible to traditional security controls and procedures. Companies don' t monitor these types of device-to-device connections in their environment, so they can' t see these attacks or stop them."

Red Hat has classifies three out of eight vulnerabilities as critical. The compromised devices can be further used to attack nearby system over any segregated or air-gapped devices. These flaws impact almost 5.3 billion devices in all platforms.

Michael Parker, VP of marketing at Armis, used the WannaCry ransomware attack as an example. " You had WannaCry. Now imagine WannaCry ' Blue,' " said Parker. " It is ransomware that is spread through Bluetooth...It can spread from device to device, unnoticed by current security measures, locking down smartphones, desktops, laptops, and it can' t be stopped by traditional methods."

On Linux servers and desktops, it can attack via Logical Link Control and Adaptation Layer Protocol (L2CAP) at data link layer. This may affect only the Bluetooth hardware, not the Linux kernel with stack protection that will help stop the stack buffer overflow from leading to remote code execution.

Due to early detection of the flaws, Armis researchers warned Apple, Google, Linux and Microsoft corporation to immediately set a patch against this vulnerability.

The list of eight vulnerabilities are as follows:

  • Android information leak vulnerability &ndash CVE-2017-0785
  • Android RCE vulnerability #1 &ndash CVE-2017-0781
  • Android RCE vulnerability #2 &ndash CVE-2017-0782
  • The Bluetooth Pineapple in Android &ndash Logical Flaw CVE-2017-0783
  • Linux kernel RCE vulnerability &ndash CVE-2017-1000251
  • Linux Bluetooth stack (BlueZ) information Leak vulnerability &ndash CVE-2017-1000250
  • The Bluetooth Pineapple in Windows &ndash Logical Flaw CVE-2017-8628
  • Apple Low Energy Audio Protocol RCE vulnerability (no designated CVE number yet)

While the fixes are being done in every platform, do your own steps to protect against this threat- disable Bluetooth on all your devices.

Tag : Linux patch
FAQ
Q
What will happen actually in BlueBorne?
A
These silent attacks are invisible to traditional security controls and procedures. Companies don' t monitor these types of device-to-device connections in their environment, so they can' t see these attacks or stop them.
Q
Who found out the answers dor Bluetooth flaws?
A
A security company name Armis is the first one to find out all eight separate Bluetooth wireless protocol flaws. The Blueborne requires only a Bluetooth connection with the attacking device or even be in the discovery mode.
Q
What attack will happen by BlueBorne on Linux servers?
A
On Linux servers and desktops, it can attack via Logical Link Control and Adaptation Layer Protocol (L2CAP) at data link layer. This may affect only the Bluetooth hardware, not the Linux kernel with stack protection that will help stop the stack buffer overflow from leading to remote code execution.
Q
How many vulnerabilities can affect Linux?
A
Red Hat has classified three out of eight vulnerabilities as critical. The compromised devices can be further used to attack nearby system over any segregated or air-gapped devices.
Q
What are BlueBorne attacks?
A
Every device contains Bluetooth and those running on Android, iOS, Windows and even Linux is vulnerable to the new set of wireless vulnerabilities in Bluetooth settings called as BlueBorne.