These Bluetooth security flaws could affect billions of devices

Vulnerabilities impact everything from speakers, home theaters, laptops, and even car infotainment systems

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurityresearchers have shared details about a family of bluetooth vulnerabilities that were found on devices from about a dozen system-on-a-chip (SoC) vendors includingIntel, Qualcomm, Texas Instruments, and Cypress.

Collectively referred to as BrakTooth, the security vulnerabilities in the commercial bluetooth stacks were unearthed by researchers from the Singapore University of Technology and Design.

In their explanation, the researchers note that the vulnerabilities could be exploited for different types of attacks ranging from denial-of-service (DoS), to arbitrary code execution in certain Internet of Things (IoT) devices.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

“As of today, we have evaluated 13 BT devices from 11 vendors. We have discovered a total of 16 new security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment fromInteland Qualcomm,” note the researchers.

Widespread impact

According to the researchers, the affected bluetooth stacks can be found on all kinds of devices, from consumer electronics to industrial equipment.

Their research revealed that BrakTooth affects over 1400 different product types includinglaptops,smartphones,audio equipment, home entertainment systems, automotive infotainment systems, and more.

While the researchers only say that the number of individual products affected by BrakTooth would be “an order of magnitude higher,” considering the prevalence of the vulnerabilities across vendors and device types, it wouldn’t be wrong to assume that billions of bluetooth devices would be impacted.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“All the vulnerabilities are already reported to the respective vendors, with several vulnerabilities already patched and the rest being in the process of replication and patching,” share the researchers, even as they encourage all bluetooth device vendors to use their proof-of-concept code to test their products against BrakTooth.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well