New Bluetooth Vulnerability Leak Your Passcode to Hackers during Pairing
A recently discovered vulnerability in Bluetooth technology, known as CVE-2020-26558, offers a serious security risk to devices that support several Bluetooth Core Specifications.
This vulnerability, called "Impersonation in the Passkey Entry Protocol," affects devices that use the Passkey Entry association model in BR/EDR Secure Simple Pairing, Secure Connections Pairing, and LE Secure Connections Pairing.
Vulnerability Details
The issue exists in Bluetooth Core Specifications ranging from version 2.1 to 5.4 for BR/EDR and version 4.2 to 5.4 for LE Secure Connections.
It enables a man-in-the-middle (MITM) attacker to abuse the pairing process by responding to an initiating device with a public key whose X coordinate is identical to that of the peer device.
Using constructed responses, the attacker can discover the passkey used during the pairing session, resulting in an authenticated pairing procedure with both the initiating and replying devices.
According to the Bluetooth report, this attack requires the attacker to be within wireless range of two vulnerable Bluetooth devices that are pairing or bonding. The attack is specifically designed for cases in which a BR/EDR or LE IO Capabilities exchange results in the selection of the Passkey pairing mechanism.
Recommendation and Mitigation
To reduce this danger, Bluetooth Core Specification 5.4 recommends that devices reject a pairing operation if a peer's public key X coordinate matches that of the local device, unless a debug key is utilized. This check is made obligatory in Bluetooth Core Specification 6.0.
Experts urge that manufacturers and developers follow these instructions and upgrade their implementations to meet the most recent specifications. Ensuring that devices reject public keys with matching X coordinates can help prevent MITM attacks and improve overall security.
The Bluetooth Special Interest Group (SIG) underlines the necessity of using up-to-date security procedures to protect against vulnerabilities such as CVE-2020-26558. Users are recommended to frequently update their devices and stay up to speed on security updates supplied by device manufacturers.
As Bluetooth technology advances, maintaining strong security measures is critical for protecting personal data and ensuring secure wireless connections.
Source: Cyber Security News