Bluetooth Has More Unpatched Security Issues

Bluetooth is one of the technologies most present in our devices. It allows us to connect computers wirelessly, send information or data, ultimately interact. However, sometimes we can run into security flaws that compromise systems. That is one of the most common problems in this wireless technology, for which in many cases there are no patches.

Vulnerabilities Haunt Bluetooth

We echo an investigation presented by computer security experts in which they show how Bluetooth has had many vulnerabilities in recent times. They name a series of bugs that have appeared lately related to this technology. One of them was precisely a few weeks ago, when the Bluetooth Special Interest Group issued a statement related to different methods of attacking this type of wireless network.

Bluetooth Has More Unpatched Security Issues

Weeks ago, during the month of August, a group of security researchers at the Workshop on Offensive Technologies conference showed different vulnerabilities that could allow attackers to spoof a device that had previously been paired using the Bluetooth Low Energy protocol.

A few months ago, in May, another group of researchers also warned of a similar attack that relies on a flaw in the specification to spoof a paired device.

They say that the complexity of the Bluetooth ecosystem and the large number of implementations have made security difficult to achieve. Mind you, the rise of easier-to-use Bluetooth auditing tools, like the open source InternalBlue toolkit, has made it easier for vulnerability researchers to do their job.

Problemas de seguridad del Bluetooth

Easier to attack

Until now, as the researchers indicate, it was more difficult to research Bluetooth since the hardware was closed and very controlled. Now it is also easier for hackers to attack you. You don’t need any client radio platform or special technical skills.

These three different attacks that we have seen have shown that the complexity of ensuring security across the various ecosystems of connected devices has led to many potential implementation problems and, in some cases, specification weaknesses.

However, manufacturers make an effort to fix these security flaws through firmware updates and thus prevent hackers from exploiting potential flaws present.

Of course, the security vulnerabilities found to date can have serious consequences, but due to the short range of Bluetooth technology, attacks are usually limited

However, the biggest problem comes with the implementation of patches. To this day, correcting the vulnerabilities in Bluetooth is still complicated since they must first be patched by the manufacturers, but also those patches must be distributed and applied by all the owners of those devices. The end result is that many devices never get these security updates and therefore do not fix the problems.