Critical Bluetooth flaw opens millions of devices to eavesdropping attacks - Help Net Security

Critical Bluetooth flaw opens millions of devices to eavesdropping attacks - Help Net Security

A newly disclosed vulnerability (CVE-2019-9506) in the Bluetooth Core Specification can be exploited by attackers to intercept and manipulate Bluetooth communications/traffic between two vulnerable devices.



Researchers Daniele Antonioli, Nils Ole Tippenhauer and Kasper Rasmussen discovered the flaw and demonstrated a practical Key Negotiation Of Bluetooth (KNOB) attack taking advantage of it.


They also shared their discovery with the Bluetooth Special Interest Group (Bluetooth SIG), the CERT Coordination Center, and members of the International Consortium for Advancement of Cybersecurity on the Internet (ICASI), which include Intel, Microsoft, Cisco, Juniper and IBM. Most ..