Episode 115 – IoT Strikes Again – Bluetooth Flaw Impacts 20 Million Amazon and Google Home Devices
The Internet of Things lack of security focus strikes again! This times it is a flaw in Bluetooth dubbed BlueBorne than impacts billions of mobiles devices and now your home devices too.
This episode goes into the flaw, how it can be exploited and what you can do to protect yourself.
Here are the the flaws that were found –
- Information Leak Vulnerability in Android (CVE-2017-0785)
- Remote Code Execution Vulnerability (CVE-2017-0781) in Android’s Bluetooth Network Encapsulation Protocol (BNEP) service
- Remote Code Execution Vulnerability (CVE-2017-0782) in Android BNEP’s Personal Area Networking (PAN) profile
- The Bluetooth Pineapple in Android?Logical flaw (CVE-2017-0783)
- Linux kernel Remote Code Execution vulnerability (CVE-2017-1000251)
- Linux Bluetooth stack (BlueZ) information leak vulnerability (CVE-2017-1000250)
- The Bluetooth Pineapple in Windows?Logical flaw (CVE-2017-8628)
- Apple Low Energy Audio Protocol Remote Code Execution vulnerability (CVE Pending)
You can look up the CVE definitions here – http://www.cvedetails.com/
Be aware, be safe.
————————————
Website – https://binaryblogger.com
Podcast RSS – http://securityinfive.libsyn.com/rss
Twitter @binaryblogger – https://www.twitter.com/binaryblogger
iTunes – https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube – https://www.youtube.com/binaryblogger
TuneIn Radio – Security In Five Channel
iHeartRadio – Security In Five Channel
Email – contactme@binaryblogger.com