A new Bluetooth vulnerability allows hackers to launch RCE attacks on user devices.
Bluetooth is one of the widely used communication channel around the world. The ease of use and the popularity that Bluetooth has makes it one of the most favorite target of hackers. BleedingTooth is the new vulnerability which was recently detected by security researchers.
A caveat is that only Linux devices can be targeted this way. The vulnerability is still is pretty lethal as privilege escalation is a possibility when the flaw is exploited. The vulnerability is found in a piece of software named BlueZ which is responsible for all Bluetooth based connections and other implementations in Linux systems.
The hackers can use this vulnerability to steal data from the users if there is a lack of proper access control in BlueZ. BleedingTooth can also lead to a major DDoS attack that can be easily executed.
Intel has also reported about these vulnerabilities in their report. The vulnerability has been termed as CVE-2020-12351 and has a severity score of 8.3 out of 10. The security patches for this vulnerabilities has been issued and must be downloaded by the users to protect their systems.
NPAV recommends users to keep their systems and software updated. These updates have all the required patches which will cover all the existing vulnerabilities. Users must stop using Bluetooth until these patches have been installed on their system.
Install NPAV on your devices to keep them protected from all kinds of cyber attacks. Use NPAV and join us on a mission to secure the cyber world.