The Bluetooth SIG asks to update to the newest version to avoid this attack that they are doing not consider very serious
In full discussion about the importance of Bluetooth in de-escalation and get in touch with tracing processes. While several teams are performing on the event of systems supported this technology, the École Polytechnique Fédérale de Lausanne (EPFL) in Switzerland has discovered a security breach that permits an attacker to impersonate another device with which the user initially seeks to attach .
This vulnerability, consistent with the researchers, affects practically all devices equipped with this technology and “that haven’t been recently updated”, they highlight.
This security breach called BIAS (Bluetooth Impersonation Attacks) has been partially covered since December 2019, because the Bluetooth SIG informed different device and software manufacturers of the existence of this problem and released several security patches.
The attack , which combined with others can allow third parties much greater control of the victim’s device, is predicated on impersonating the identity of the person with whom the connection is established .
Thanks to a failure within the management of the keys of the already paired devices, cybercriminals can impersonate the device to which the victim really wants to attach .
Following the announcement by researchers from the École Polytechnique Fédérale de Lausanne (EPFL), the Bluetooth SIG association has confirmed that this security flaw in device pairing are going to be resolved with the launch of the new Bluetooth standard, which has not announced the date. update.
For now, the Bluetooh SIG has asked users and device and software manufacturers to update to the newest version available to stop this sort of attack.