BlueBorne: A New Set of Bluetooth Vulnerabilities Endangering Every Connected Device

The IoT cybersecurity firm, Armis, has revealed eight vulnerabilities in the implementation of Bluetooth in several operating systems, including Android, Windows, Linux, and iOS, successful exploitation of which could allow hackers to take complete control of a device. Indeed, these are the most severe vulnerabilities found in Bluetooth in recent years and are worrying due to their ability to be spread over an air interface. They have been termed ‘The BlueBorne Vulnerabilities’.

Airborne attacks on mobile devices date back to the Cabir worm, an attack that presented the first proof of concept of a Bluetooth malware that was spread fast and wide, and even penetrated enclosed air-gapped networks.

The BlueBorne vulnerabilities are the result of a complex protocol which has been discarded and ignored by the research community for years, along with two common misconceptions regarding Bluetooth. The first misconception is that Bluetooth cannot be intercepted via the air, the second being that it always requires some sort of user interaction. The BlueBorne vulnerabilities prove both assumptions wrong as merely having Bluetooth on a device switched on renders it vulnerable to an attack.

What is crucial to understand here however is the sheer magnitude of this set of vulnerabilities. It is simply breathtaking; virtually any device with a Bluetooth interface is susceptible to at least one of BlueBorne’s vulnerability sets. Since the discovery of BlueBorne, all operating system manufactures have issued patches mitigating the vulnerabilities, and on iOS, the vulnerabilities only affect versions prior to iOS 10. On September 9^th 2017, Google issued a security update for its Android users.

Check Point SandBlast Mobile however can protect mobile devices from this threat, both on iOS and Android, by helping to verify that mobile devices on your network are in compliance with the latest OS versions and security patches.

In addition, any active exploitation of the Android Bluetooth stack will be detected by SandBlast Mobile on device detection, giving you an extra layer of protection.

Here’s how to make sure you are protected:

In Settings->Policy Settings->Device, change to the following configuration:

For iOS:

For Android:

See how use cases come to life through Check Point's customer stories.

See how use cases come to life through Check Point's customer stories.

See how use cases come to life through Check Point's customer stories.

AI-Powered Threat Prevention

AI-Powered Threat Prevention

AI-Powered Threat Prevention

AI-Powered Threat Prevention

AI-Powered Threat Prevention

Learn hackers inside secrets and beat them at their own game

Learn hackers inside secrets and beat them at their own game

Learn hackers inside secrets and beat them at their own game

Learn hackers inside secrets and beat them at their own game

Learn hackers inside secrets and beat them at their own game

Learn hackers inside secrets and beat them at their own game

Check Point is 100% Channel. Grow Your Business with Us!

See how use cases come to life through Check Point's customer stories.

BlueBorne: A New Set of Bluetooth Vulnerabilities Endangering Every Connected Device

You may also like

Shifting Attack Landscapes and Sectors in Q1 2024 with a 28% increase in cyber attacks globally

Not So Private After All: How Dating Apps Can Reveal Your Exact Location

Agent Tesla Targeting United States & Australia: Revealing the Attackers’ Identities

Beyond Imagining – How AI is actively used in election campaigns around the world