Original Release Date: 5/26/2020
When two Bluetooth wireless devices pair or bond for the first time, a long-term key is generated so that future sessions do not require repeating the bonding process. The researchers who discovered the KNOB (Key Negotiation of Bluetooth) attacks in the summer of 2019 also discovered a vulnerability in the Bluetooth wireless protocol, dubbed BIAS (Bluetooth Impersonation AttackS). The vulnerability lies in the post-bonding authentication process and allows attackers to spoof the identity of a previously bonded device and successfully authenticate and connect to another device without the long-term key. Successful exploitation could provide an attacker with access to or control over a Bluetooth device, including many smartphones, tablets, laptops, and smart IoT devices from Apple, Broadcom, Cypress, Intel, Samsung, and others. At the time of this writing, the Bluetooth SIG has updated the Bluetooth Core Specification; however, the status and availability of vendor updates are unclear.
The NJCCIC recommends users check with their device manufacturer and ensure they have applied the most recent update to their devices after appropriate testing. Additional recommendations and technical information can be found in the Bluetooth SIG press release and the ZDNet article.