Bluetooth vulnerability found on Apple and Android smartphones

26 July 2018

According to specialists at CERT, a wide range of Bluetooth-enabled devices have a serious security vulnerability and it's not limited to just smartphones either - PCs, tablets and other devices need a fix ASAP.

The issue resides within the data encryption process when information is transferred from one device to another. There's a missing check in the keys (Diffie-Hellman key exchange), so a hacker who's within Bluetooth range can intercept basically all the data that's being transferred. That includes not only notifications but also security codes for two-factor authentication.

All devices that use Qualcomm, Intel or Broadcom chips are vulnerable. But there's good news and some bad news. The good news is that users who have applied the security patch since June are in the clear but those who haven't need to be more cautious and install the latest software update as soon as it becomes available.

Source

Related