Bluetooth Flaw Allows Attackers to Grab Private Data

Bluetooth Flaw Allows Attackers to Grab Private Data

Two researchers from the Israel Institute of Technology recently discovered a cryptographic bug in Bluetooth firmware and operating system drivers that could allow an attacker to intercept and decrypt data shared between Bluetooth-paired devices.

The CVE-2018-5383 flaw, which affects Bluetooth’s Secure Simple Pairing and Low Energy Secure Connections,  was confirmed to be present in Apple, Broadcom, Intel, and Qualcomm hardware, and some Android handsets.

However, Bluetooth SIG, the organization responsible for Bluetooth, said that an attack would only be successful if an attacking device is within the wireless range of two vulnerable Bluetooth devices going through a pairing procedure.

Source: ZDnet

Disini & Disini Law Office
info@privacy.com.ph