Wireless Security - Bluetooth Threats
Every technology you can meet today has its unique set of threats and vulnerability, and Bluetooth is no different. Threats and vulnerabilities of Bluetooth technology may arise from the bunch of following origins −
Bad coding during development of RFCOMM stack implementation
- Failures in secure stack implementation may lead to buffer overflows.
- Some manufacturers may not be releasing any patches for the original version of their codes they deploy on end-devices.
Re-use of older services for different protocols
- Some highly privileged services are left open.
IrMC Permissions
- IrMC defines a set of access permissions for common Bluetooth objects.
- Permissions are sometimes not followed or just open, leading to exploitation of open IrMC services.
All the mentioned vulnerabilities do not directly say - what are really the threats of using Bluetooth devices (knowing that those vulnerabilities exist). To name just a few, the attacker might be able to −
- Steal the information.
- Perform a DoS attack on the end-device using Bluetooth.
- Remotely execute code.
- Inject viruses or worms.
- Inject crafted connections to go via a Bluetooth device (working as proxy).
No comments:
Post a Comment