A Survey of Bluetooth Vulnerabilities Trends (2023 Edition)

    Published: 2023-02-07
    Last Updated: 2023-02-07 11:02:12 UTC
    by Yee Ching Tok (Version: 1)

    The use of Bluetooth-enabled devices remains popular. New products (such as mobile phones, laptops and fitness trackers) still support this protocol and have even launched with more recent versions (e.g. the Samsung S23 family of phones, iPhone 14 and 14 Pro, and Apple Watch Series 8/SE/Ultra all shipped with Bluetooth 5.3). I had previously written about surveying the trend of Bluetooth vulnerabilities back in 2021 [1]. As roughly a year or so has passed, it is a timely moment to review how things have evolved with respect to the vulnerabilities discovered. Since the previous diary, the current Bluetooth core specification has been bumped up from 5.2 to 5.3 [2].

    Firstly, to get an overview of the current situation, I turned to the CVE List hosted by MITRE and searched for Bluetooth-related vulnerabilities. At the point of writing, there were a total of 647 publicly listed vulnerabilities related to Bluetooth [3]. Since I last wrote the diary (May 2021), there has been an increase of 202 publicly disclosed vulnerabilities. To further illustrate the trend, I updated the previously plotted graph (Figure 1 below). There were minor updates to the number of vulnerabilities disclosed for some years (e.g. 2019 and 2020), probably because embargoed vulnerability listings were lifted once the issues had been patched (or perhaps had not been fixed after a certain period of non-disclosure). The graph does not distinguish between Bluetooth Classic and Bluetooth Low Energy (LE).

    Figure 1: Bluetooth Vulnerabilities from the Year 2002 to 2022

    We can see that the vulnerabilities disclosed in 2022 have increased to near 2019 levels (112 vs 113). This came as no surprise, as the year 2022 was an eventful year for Bluetooth vulnerabilities. Notable attacks such as Blacktooth [4], Bluetooth Address Tracking (BAT) [5] and Bluetooth Physical-Layer Relay Attacks [6] were disclosed. The impacts were significant – the vulnerabilities affected many products, such as Tesla cars, smart locks and mobile phones. It was heartening to see that the researchers also suggested ways to fix the discovered issues and worked with the Bluetooth SIG to resolve the vulnerabilities.

    It will be interesting to see what 2023 will be like for Bluetooth: will there be more implementation or protocol design vulnerabilities reported to the Bluetooth SIG? Will there be closer collaboration between product vendors and System-on-Chip (SoC) vendors in rolling out security updates for the Bluetooth implementations in the affected devices? Although it appears that the number of Bluetooth vulnerabilities being discovered is rising again, we can take comfort that at least a vital protocol is being examined and improved upon.

    References:

    [1] https://isc.sans.edu/diary/27460

    [2] https://www.bluetooth.com/wp-content/uploads/2021/01/Bluetooth_5.3_Feature_Enhancements_Update.pdf

    [3] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=bluetooth

    [4] https://dl.acm.org/doi/abs/10.1145/3548606.3560668

    [5] https://dl.acm.org/doi/10.1145/3548606.3559372

    [6] https://dl.acm.org/doi/10.1145/3507657.3528536

    -----------
    Yee Ching Tok, ISC Handler