A new Bluetooth vulnerability has been discovered that a remote attacker can exploit to capture sensitive information being transferred between two devices. Because Bluetooth is available in almost all phones (including feature phones and dumb phones), wireless speakers, cordless headphones, media players and many other devices, this vulnerability puts millions of devices at risk.
Typically, a Bluetooth signal is available over an average distance of 30 meters. This means a potential attacker can exploit the vulnerability in a crowded place like a public park or mall to scan for vulnerable devices and obtain the encryption key that is used when two or more devices are paired over Bluetooth. Once the encryption key is obtained, it can be used to decrypt the communication. This allows a potential attacker to listen to phone calls made using a headset, which many business people use to keep their hands free, or to capture the files that you are sending to your friend's phone.
The solution, according to CERT, is to apply an update that should be made available by your device manufacturer or operating system developer. The update will include both software updates (device drivers) and firmware updates (depending on the OS and the device).
Not all platforms are affected by this new Bluetooth vulnerability. For example, the Microsoft Windows Bluetooth stack is unaffected. This means that if you have not installed manufacturer-supplied Bluetooth drivers in Windows, then you are safe. Apple has already released updates for macOS and iOS to fix this vulnerability. Android and Google are affected, and you should update your device quickly when firmware updates are made available by your device manufacturer.
You can find more information about this Bluetooth vulnerability at https://www.kb.cert.org/vuls/id/304725.