The vulnerabilities identified as CVE-2023-24023 extend beyond hardware and software configurations to the underlying architecture of the Bluetooth standard. This applies to versions 4.2 (released December 2014) through 5.4 (February 2023), with successful exploits confirmed across a slightly wider range of versions. Because Bluetooth is present in billions of devices, including smartphones and laptops, the potential impact of BLUFFS is significant.
How can security vulnerabilities be exploited?
The BLUFFS series of attacks specifically targets the process of obtaining a session key, using four vulnerabilities to make the key weak and predictable. This manipulation allows attackers within Bluetooth range to decrypt previous sessions and modify future connections.
These attacks, including impersonation scenarios and man-in-the-middle (MitM) attacks, can be launched regardless of whether victims maintain a secure connection.
EURECOM researchers have made toolkits demonstrating these exploits publicly available on GitHub, and their findings, presented in a detailed paper, reveal vulnerabilities in devices ranging from smartphones to laptops and headsets, running Bluetooth versions 4.1 to 5.2.
The association responsible for the standard commented on the situation
In response to these findings, the Bluetooth Special Interest Group (Bluetooth SIG), the organization responsible for the communications standard, published a statement. To eliminate the identified vulnerabilities, it calls on manufacturers to strengthen protection by implementing more robust encryption settings and switching to “secure connections only” mode when pairing.
Researchers at EURECOM also proposed methods to protect the wireless protocol without compromising backward compatibility with previously released vulnerable devices.
Source: 24 Tv
I’m Sandra Torres, a passionate journalist and content creator. My specialty lies in covering the latest gadgets, trends and tech news for Div Bracket. With over 5 years of experience as a professional writer, I have built up an impressive portfolio of published works that showcase my expertise in this field.