erek
[H]F Junkie
- Joined
- Dec 19, 2005
- Messages
- 10,892
"Sadly, just like with all the previous Bluetooth bugs, patching all vulnerable devices will be a nightmare for system admins, and patching some devices might not be an option.
Some resource-constrained IoT equipment that has been sold over the past decade and already deployed in the field today doesn't come with a built-in update mechanism, meaning these devices will remain permanently unpatched.
Defending against most Bluetooth attacks usually means pairing devices in controlled environments, but defending against BLESA is a much harder task, since the attack targets the more often-occurring reconnect operation.
Attackers can use denial-of-service bugs to make Bluetooth connections go offline and trigger a reconnection operation on demand, and then execute a BLESA attack. Safeguarding BLE devices against disconnects and signal drops is impossible.
Making matters worse, based on previous BLE usage statistics, the research team believes that the number of devices using the vulnerable BLE software stacks is in the billions.
All of these devices are now at the mercy of their software suppliers, currently awaiting for a patch.
Additional details about the BLESA attack are available in a paper titled "BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy" [PDF, PDF]. The paper was presented at the USENIX WOOT 2020 conference in August. A recording of the Purdue team's presentation is embedded below."
https://www.zdnet.com/article/billions-of-devices-vulnerable-to-new-blesa-bluetooth-security-flaw/
Some resource-constrained IoT equipment that has been sold over the past decade and already deployed in the field today doesn't come with a built-in update mechanism, meaning these devices will remain permanently unpatched.
Defending against most Bluetooth attacks usually means pairing devices in controlled environments, but defending against BLESA is a much harder task, since the attack targets the more often-occurring reconnect operation.
Attackers can use denial-of-service bugs to make Bluetooth connections go offline and trigger a reconnection operation on demand, and then execute a BLESA attack. Safeguarding BLE devices against disconnects and signal drops is impossible.
Making matters worse, based on previous BLE usage statistics, the research team believes that the number of devices using the vulnerable BLE software stacks is in the billions.
All of these devices are now at the mercy of their software suppliers, currently awaiting for a patch.
Additional details about the BLESA attack are available in a paper titled "BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy" [PDF, PDF]. The paper was presented at the USENIX WOOT 2020 conference in August. A recording of the Purdue team's presentation is embedded below."
https://www.zdnet.com/article/billions-of-devices-vulnerable-to-new-blesa-bluetooth-security-flaw/