A collection of Bluetooth implementation vulnerabilities known as "BlueBorne" has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in the worst case allow an unauthenticated attacker to execute commands on the device.
The following vulnerabilities have been identified in various Bluetooth implementations:
1. CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') - CVE-2017-1000251
An unauthenticated, remote attacker may be able to obtain private information about the device or user, or execute arbitrary code on the device.
Apply an update
Disable Bluetooth on your device
Android Open Source Project: Affected
Microsoft Corporation: Affected
Samsung Mobile: Affected
Technicolor: Not Affected
Barnes and Noble: Unknown
Huawei Technologies: Unknown
Kyocera Communications: Unknown
LG Electronics: Unknown
Motorola, Inc.: Unknown
Sony Corporation: Unknown
These vulnerabilities were publicly disclosed by Ben Seri and Gregory Vishnepolsky of Armis. Armis acknowledges Alon Livne for the Linux RCE (CVE-2017-1000251) exploit.
This document was written by Garret Wassermann.