Bluetooth plays a major role in modern society, whether it provides connectivity for music or for the keyboard used to type. Corporations around the world have also adopted access points and other network devices that use Bluetooth, for example a local area network (LAN) that uses a wireless access point. This becomes a problem when vulnerabilities such as BleedingBit arise, allowing cybercriminals to place arbitrary code on a susceptible device and operate it with full capabilities.

The vulnerabilities lie specifically in Bluetooth Low Energy (BLE) stack chips made by Texas Instruments. The first to be identified was CVE-2018-16986, in the TI chips CC2640 and CC2650, which are used in quite a few Meraki and Cisco Wi-Fi access points. Using a buffer overflow attack, malicious code can be placed on the devices. To pull this off, the attacker must be near the targeted device, but once in, they can carry on over the internet.

The second vulnerability affected four more chips than the first: CC2642R2, CC2640R2, CC2640, CC2650, CC2540, and CC2541 were the chips in the Aruba Series 300 devices that were hit. “By default, the Over the Air firmware Download (OAD) feature is not automatically configured to address secure firmware updates. It allows a simple update mechanism of the firmware running on the BLE chip over a GATT transaction. An attacker… can connect to the BLE chip on a vulnerable access point and upload a malicious firmware containing the attacker’s own code, effectively allowing a complete rewrite of its operating system, thereby gaining full control over it,” researchers explained.

Patches have already been issued by the affected companies, and vendors are not aware of the zero-day vulnerabilities circulating in the wild.