Why it matters: Over the past two years, we've written about several Bluetooth security flaws that reflect the magical fragility that allows us to pair devices wirelessly. Security researchers have recently discovered a new set of vulnerabilities that can control billions of devices that are damaged, frozen, or completely controlled, but this time it's not about the Bluetooth standard itself. Rather, it is the result of a poorly implemented device operating system that may or may not be fixed in the near future.
Researchers are concerned that some vendors may not want to address all of these issues exactly, which will certainly be difficult. However, the impact varies from device to device, with CVE-2021-28139 being the worst vulnerability because it allows an attacker to execute arbitrary code on the target device. Some devices are only vulnerable to denial of service attacks that corrupt the chipset operating system, or may hit a deadlock that disables the Bluetooth connection. However, a simple restart can usually fix this problem. Devices around the world ">
To be clear, 16 flaws do not affect the Bluetooth standard itself, but rather affect various applications made by chip vendors. Some defective devices are on the way, and researchers have postponed the release of confirmed violations until Next month For an in-depth study on BrakTooth and patch progress, be sure to check out the dedicated website.
There isn't much you can do about how to minimize issues, except to turn off Bluetooth when it's not in use and doesn't provide any Security updates for your devices.
New BrakTooth Bluetooth vulnerabilities affect billions of devices worldwide