BlueBorne (security vulnerability)
BlueBorne is a type of security vulnerability with Bluetooth implementations in Android, iOS, Linux and Windows.[1][2][3] It affects many electronic devices such as laptops, smart cars, smartphones and wearable gadgets. One example is CVE-2017-14315. The vulnerabilities were first reported by Armis, the asset intelligence cybersecurity company, on 12 September 2017.[1][2][4][5][6] According to Armis, "The BlueBorne attack vector can potentially affect all devices with Bluetooth capabilities, estimated at over 8.2 billion devices today [2017]."[1]
History
The BlueBorne security vulnerabilities were first reported by Armis, the asset intelligence cybersecurity company, on 12 September 2017.[1]
Technical Information
The BlueBorne vulnerabilities are a set of 8 separate vulnerabilities.[7] They can be broken down into groups based upon platform and type. There were vulnerabilities found in the Bluetooth code of the Android, iOS, Linux and Windows platforms:[8]
- Linux kernel RCE vulnerability - CVE-2017-1000251[9]
- Linux Bluetooth stack (BlueZ) information Leak vulnerability - CVE-2017-1000250[10]
- Android information Leak vulnerability - CVE-2017-0785[11]
- Android RCE vulnerability #1 - CVE-2017-0781[12]
- Android RCE vulnerability #2 - CVE-2017-0782[13]
- The Bluetooth Pineapple in Android - Logical Flaw CVE-2017-0783[14]
- The Bluetooth Pineapple in Windows - Logical Flaw CVE-2017-8628[15]
- Apple Low Energy Audio Protocol RCE vulnerability - CVE-2017-14315[16]
The vulnerabilities are a mixture of information leak vulnerabilities, remote code execution vulnerability or logical flaw vulnerabilities. The Apple iOS vulnerability was a remote code execution vulnerability due to the implementation of LEAP (Low Energy Audio Protocol). This vulnerability was only present in older versions of the Apple iOS.[17]
Impact
In 2017, BlueBorne was estimated to potentially affect all the 8.2 billion Bluetooth devices worldwide,[1] although they clarify that 5.3 billion Bluetooth devices are at risk.[18] Many devices are affected, including laptops, smart cars, smartphones and wearable gadgets.[1][2][4][5][6]
In 2018, after one year after the original disclosure, Armis estimated that over 2 billion devices were still vulnerable.[19][20]
Mitigation
Google provides a BlueBorne vulnerability scanner from Armis for Android.[21] Procedures[clarification needed] to help protect devices from the BlueBorne security vulnerabilities were reported by September 2017.[22][23][24][needs update]
References
- ^ a b c d e f Staff (12 September 2017). "The Attack Vector "BlueBorne" Exposes Almost Every Connected Device". Armis.com. Retrieved 5 January 2018.
- ^ a b c Staff (12 September 2017). "BlueBorne - Protecting the Enterprise from BlueBorne" (PDF). Armis.com. Archived from the original (PDF) on 20 December 2017. Retrieved 5 January 2018.
- ^ Biggs, Jpohn (12 September 2017). "New Bluetooth vulnerability can hack a phone in 10 seconds". TechCrunch. Retrieved 5 January 2018.
- ^ a b Newman, Lily Hay (13 September 2017). "Hey, Turn Bluetooth Off When You're Not Using It". Wired. Retrieved 5 January 2018.
- ^ a b Hildenbrand, Jerry (16 September 2017). "Let's talk about Blueborne, the latest Bluetooth vulnerability". AndroidCentral.com. Retrieved 5 January 2018.
- ^ a b Kerner, Sean Michael (12 September 2017). "BlueBorne Bluetooth Flaws Put Billions of Devices at Risk". eWeek. Retrieved 5 January 2018.
- ^ "BlueBorne Whitepaper" (PDF). Archived (PDF) from the original on 5 May 2020.
- ^ "An Analysis of BlueBorne: Bluetooth Security Risks". Decipher. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-1000251". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-1000250". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-0785". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-0781". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-0782". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-0783". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-8628". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "NVD - CVE-2017-14315". nvd.nist.gov. Retrieved 28 July 2021.
- ^ "What is BlueBorne? An Apple Device FAQ". The Mac Security Blog. 22 September 2017. Retrieved 28 July 2021.
- ^ Smith, Ms (12 September 2017). "5.3 billion devices at risk for invisible, infectious Bluetooth attack". CSO Online. Retrieved 28 July 2021.
- ^ Osborne, Charlie. "Two billion devices still vulnerable to Blueborne flaws a year after discovery". ZDNet. Retrieved 28 July 2021.
- ^ "BlueBorne: One Year Later". Armis. 13 September 2018. Retrieved 28 July 2021.
- ^ Staff (12 September 2017). "BlueBorne Vulnerability Scanner by Armis - 2017". Google. Retrieved 5 January 2018.
- ^ Staff (15 September 2017). "Information on new BlueBorne security vulnerability". Cornell University. Retrieved 5 January 2018.
- ^ Meyer, David (13 September 2017). "How to Check If You're Exposed to Those Scary BlueBorne Bluetooth Flaws". Fortune. Retrieved 5 January 2018.
- ^ Geiger, Erik (20 September 2017). ""BlueBorne" Exposes Millions of Bluetooth Devices". Wisconsin University. Archived from the original on 5 January 2018. Retrieved 5 January 2018.
External links
- Official website
- v
- t
- e
← 2000s | Timeline | 2020s → |
persistent threats
- Bangladesh Black Hat Hackers
- Bureau 121
- Charming Kitten
- Cozy Bear
- Dark Basin
- DarkMatter
- Elfin Team
- Equation Group
- Fancy Bear
- GOSSIPGIRL (confederation)
- Guccifer 2.0
- Hacking Team
- Helix Kitten
- Iranian Cyber Army
- Lazarus Group (BlueNorOff) (AndAriel)
- NSO Group
- Numbered Panda
- PLA Unit 61398
- PLA Unit 61486
- PLATINUM
- Pranknet
- Red Apollo
- Rocket Kitten
- Stealth Falcon
- Syrian Electronic Army
- Tailored Access Operations
- The Shadow Brokers
- xDedic
- Yemen Cyber Army
publicly disclosed
- Evercookie (2010)
- iSeeYou (2013)
- Heartbleed (2014)
- Shellshock (2014)
- POODLE (2014)
- Rootpipe (2014)
- Row hammer (2014)
- SS7 vulnerabilities (2014)
- WinShock (2014)
- JASBUG (2015)
- Stagefright (2015)
- DROWN (2016)
- Badlock (2016)
- Dirty COW (2016)
- Cloudbleed (2017)
- Broadcom Wi-Fi (2017)
- EternalBlue (2017)
- DoublePulsar (2017)
- Silent Bob is Silent (2017)
- KRACK (2017)
- ROCA vulnerability (2017)
- BlueBorne (2017)
- Meltdown (2018)
- Spectre (2018)
- EFAIL (2018)
- Exactis (2018)
- Speculative Store Bypass (2018)
- Lazy FP state restore (2018)
- TLBleed (2018)
- SigSpoof (2018)
- Foreshadow (2018)
- Dragonblood (2019)
- Microarchitectural Data Sampling (2019)
- BlueKeep (2019)
- Kr00k (2019)
2010 |
|
---|---|
2011 | |
2012 | |
2013 | |
2014 | |
2015 | |
2016 | |
2017 | |
2018 | |
2019 |
|