Singapore University of Technology and Design researchers have revealed a family of 20 vulnerabilities, which they collectively dubbed BrakTooth, that affect more than 1,400 products based on 13 different Bluetooth devices sold by 11 of the world’s leading vendors.
BrakTooth can reportedly be exploited to conduct DoS attacks and enable arbitrary code execution (ACE) on target devices. DoS attacks can disrupt the victim’s Bluetooth connection or, in some cases, require Bluetooth connectivity to be restarted manually. ACE can be used to erase user data, disable wireless connectivity, or interact with other devices.
BrakTooth only enables ACE on the ESP32 system on chip (SoC) made by Espressif Systems. The ESP32 is commonly found in IoT devices as well as industrial systems. The SoC is so common that the exploit actually uses an ESP32 development kit to conduct attacks on target devices.
The researchers said they disclosed BrakTooth to all of the affected vendors. A few companies have already released firmware patches to address the vulnerability, others are investigating the issue, and a few have said they don’t plan to fix the flaw. Here’s the breakdown:
The Singapore University of Technology and Design researchers said they don’t plan to publicly release the full proof-of-concept exploit until the end of October 2021 because that’s when Intel is supposed to patch its devices.