Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors.
The set of issues impact a wide variety of devices, from consumer electronics to industrial equipment. The associated risk ranges from denial-of-service, deadlock condition of the device to arbitrary code execution.
Wide variety of products impacted
Researchers from the Singapore University of Technology and Design have published details about BrakTooth - a new family of security vulnerabilities in commercial Bluetooth stacks.
They assessed 13 Bluetooth devices from close to a dozen SoC vendors counting Intel, Qualcomm, Texas Instruments, and Cypress.
BT SoC Vendor
BT SoC
Dev. Kit / Product
Sample Code
Intel (BT 5.2)
AX200
Laptop Forge15-R
N.A
Qualcomm (BT 5.2)
WCN3990
Xioami Pocophone F1
N.A
Texas Instruments (BT 5.1)
CC2564C
CC256XCQFN-EM
SPPDMMultiDemo
Zhuhai Jieli Technology (BT 5.1)
AC6366C
AC6366C_DEMO_V1.0
app_keyboard
Cypress (BT 5.0)
CYW20735B1
CYW920735Q60EVB-01
rfcomm_serial_port
Bluetrum Technology (BT 5.0)
AB5301A
AB32VG1
Default
Zhuhai Jieli Technology (BT 5.0)
AC6925C
XY-WRBT Module
N.A
Actions Technology (BT 5.0)
ATS281X
Xiaomi MDZ-36-DB
N.A
Zhuhai Jieli Technology (BT 4.2)
AC6905X
BT Audio Receiver
N.A
Espressif Systems (BT 4.2)
ESP32
ESP-WROVER-KIT
bt_spp_acceptor
Harman International (BT 4.1)
JX25X
JBL TUNE500BT
N.A
Qualcomm (BT 4.0)
CSR 8811
Laird DVK-BT900-SA
vspspp.server.at
Silabs (BT 3.0+HS)
WT32i
DKWT32I-A
ai-6.3.0-1149
Digging deeper, the researchers discovered that more than 1,400 product listings are affected by BrakTooth, and the list includes but is not limited to the following types of devices:
Support the originator by clicking the read the rest link below.
![[DiyOtaku] Gives Old Devices A New Life](upload/news/image_1714723213_17994018.png)
