Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks
– Swati Khandelwal
Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of access points and networking devices used by enterprises around the world. The vulnerability is called as BleedingBit which allows remote attackers to execute arbitrary code and take control of devices.
This vulnerability affects medical devices such as insulin pumps and pacemakers, as well as point-of-sales and IoT devices. Discovered by researchers at Israeli security firm Armis, the vulnerabilities exist in Bluetooth Low Energy (BLE) Stack chips made by Texas Instruments (TI) that are being used by Cisco, Meraki, and Aruba in their enterprise line of products.
Following are two vulnerabilities CVE-2018-16986 and CVE-2018-7080 have their patches released by respective vendors.
Reference: http://community.mis.temple.edu/mis5206sec401fall18/2018/11/02/in-the-news/
Leave a Reply
You must be logged in to post a comment.