BlueBorne (security vulnerability)

From HandWiki

BlueBorne is a type of security vulnerability with Bluetooth implementations in Android, iOS, Linux and Windows.[1][2][3] It affects many electronic devices such as laptops, smart cars, smartphones and wearable gadgets. One example is CVE-2017-14315. The vulnerabilities were first reported by Armis, the asset intelligence cybersecurity company, on 12 September 2017.[1][2][4][5][6] According to Armis, "The BlueBorne attack vector can potentially affect all devices with Bluetooth capabilities, estimated at over 8.2 billion devices today [2017]."[1]

History

The BlueBorne security vulnerabilities were first reported by Armis, the asset intelligence cybersecurity company, on 12 September 2017.[1]

Technical Information

The BlueBorne vulnerabilities are a set of 8 separate vulnerabilities.[7] They can be broken down into groups based upon platform and type. There were vulnerabilities found in the Bluetooth code of the Android, iOS, Linux and Windows platforms:[8]

  • Linux kernel RCE vulnerability - CVE-2017-1000251[9]
  • Linux Bluetooth stack (BlueZ) information Leak vulnerability - CVE-2017-1000250[10]
  • Android information Leak vulnerability - CVE-2017-0785[11]
  • Android RCE vulnerability #1 - CVE-2017-0781[12]
  • Android RCE vulnerability #2 - CVE-2017-0782[13]
  • The Bluetooth Pineapple in Android - Logical Flaw CVE-2017-0783[14]
  • The Bluetooth Pineapple in Windows - Logical Flaw CVE-2017-8628[15]
  • Apple Low Energy Audio Protocol RCE vulnerability - CVE-2017-14315[16]

The vulnerabilities are a mixture of information leak vulnerabilities, remote code execution vulnerability or logical flaw vulnerabilities. The Apple iOS vulnerability was a remote code execution vulnerability due to the implementation of LEAP (Low Energy Audio Protocol). This vulnerability was only present in older versions of the Apple iOS.[17]

Impact

In 2017, BlueBorne was estimated to potentially affect all the 8.2 billion Bluetooth devices worldwide,[1] although they clarify that 5.3 billion Bluetooth devices are at risk.[18] Many devices are affected, including laptops, smart cars, smartphones and wearable gadgets.[1][2][4][5][6]

In 2018, after one year after the original disclosure, Armis estimated that over 2 billion devices were still vulnerable.[19][20]

Mitigation

Google provides a BlueBorne vulnerability scanner from Armis for Android.[21]

References

  1. 1.0 1.1 1.2 1.3 1.4 1.5 Staff (12 September 2017). "The Attack Vector "BlueBorne" Exposes Almost Every Connected Device". Armis.com. https://www.armis.com/blueborne/. 
  2. 2.0 2.1 2.2 Staff (12 September 2017). "BlueBorne - Protecting the Enterprise from BlueBorne". Armis.com. https://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf. 
  3. Biggs, Jpohn (12 September 2017). "New Bluetooth vulnerability can hack a phone in 10 seconds". TechCrunch. https://techcrunch.com/2017/09/12/new-bluetooth-vulnerability-can-hack-a-phone-in-ten-seconds/. 
  4. 4.0 4.1 Newman, Lily Hay (13 September 2017). "Hey, Turn Bluetooth Off When You're Not Using It". Wired. https://www.wired.com/story/turn-off-bluetooth-security/. Retrieved 5 January 2018. 
  5. 5.0 5.1 Hildenbrand, Jerry (16 September 2017). "Let's talk about Blueborne, the latest Bluetooth vulnerability". AndroidCentral.com. https://www.androidcentral.com/lets-talk-about-blueborne-latest-bluetooth-vulnerability. 
  6. 6.0 6.1 Kerner, Sean Michael (12 September 2017). "BlueBorne Bluetooth Flaws Put Billions of Devices at Risk". eWeek. http://www.eweek.com/security/blueborne-bluetooth-flaws-put-billions-of-devices-at-risk. 
  7. "BlueBorne Whitepaper". https://info.armis.com/rs/645-PDC-047/images/BlueBorne%20Technical%20White%20Paper_20171130.pdf. 
  8. "An Analysis of BlueBorne: Bluetooth Security Risks" (in en). https://duo.com/decipher/an-analysis-of-blueborne-bluetooth-security-risks. 
  9. "NVD - CVE-2017-1000251". https://nvd.nist.gov/vuln/detail/CVE-2017-1000251. 
  10. "NVD - CVE-2017-1000250". https://nvd.nist.gov/vuln/detail/CVE-2017-1000250. 
  11. "NVD - CVE-2017-0785". https://nvd.nist.gov/vuln/detail/CVE-2017-0785. 
  12. "NVD - CVE-2017-0781". https://nvd.nist.gov/vuln/detail/CVE-2017-0781. 
  13. "NVD - CVE-2017-0782". https://nvd.nist.gov/vuln/detail/CVE-2017-0782. 
  14. "NVD - CVE-2017-0783". https://nvd.nist.gov/vuln/detail/CVE-2017-0783. 
  15. "NVD - CVE-2017-8628". https://nvd.nist.gov/vuln/detail/CVE-2017-8628. 
  16. "NVD - CVE-2017-14315". https://nvd.nist.gov/vuln/detail/CVE-2017-14315. 
  17. "What is BlueBorne? An Apple Device FAQ" (in en-US). 2017-09-22. https://www.intego.com/mac-security-blog/what-is-blueborne-an-apple-device-faq/. 
  18. Smith, Ms (2017-09-12). "5.3 billion devices at risk for invisible, infectious Bluetooth attack" (in en). https://www.csoonline.com/article/3224365/53-billion-devices-at-risk-for-invisible-infectious-bluetooth-attack.html. 
  19. Osborne, Charlie. "Two billion devices still vulnerable to Blueborne flaws a year after discovery" (in en). https://www.zdnet.com/article/two-billion-devices-still-exposed-after-blueborne-vulnerabilities-reveal/. 
  20. "BlueBorne: One Year Later" (in en-US). 2018-09-13. https://www.armis.com/blog/blueborne-one-year-later/. 
  21. Staff (12 September 2017). "BlueBorne Vulnerability Scanner by Armis - 2017". Google. https://play.google.com/store/apps/details?id=com.armis.blueborne_detector&hl=en. 

External links



Retrieved from "https://handwiki.org/wiki/index.php?title=BlueBorne_(security_vulnerability)&oldid=3374925"