- Embedded Wi-Fi
- Low Power Wide Area Networks
- Embedded Wireless
- Design Partners
- 3rd Party Module Partners
- RED Frequently Asked Questions
- Over-the-Air Updates
BlueBorne Attack Vector
BlueBorne is a recently published attack vector that exploits security gaps in Bluetooth classic connections and can be used to execute malicious code on affected devices. More details about the specific vulnerabilities can be found below.
Effect on Microchip Products
Products that have no vulnerabilities
Products that require customer attention
The BlueBorne attack vectors exploits security gaps in the host Bluetooth stack implementation and is not related in any way to the ATWILC3000 firmware or driver implementation.
- The recommended fix is to patch the Host layers that the attack is using
- On the host BT stack ensuring the device remains in IDLE state by not enabling Page/ Inquiry scan at any time and that it will never initiate any Bluetooth connection setting the device into Page/ Inquiry states.
- New firmware release is planned (15.01) that will disable Bluetooth classic operation and will ensure these vulnerabilities can’t be exploited – Estimated date 01/2018.
BlueBorne targets vulnerabilities in Android and Linux BlueDroid and BlueZ stack implementation which allows RCE (Remote Code Execution) on the host within high privileged process and/or kernel space. The BlueBorne attack vector exploits the following eight vulnerabilities in the host Bluetooth stack implementation and is not related in any way to the Microchip Bluetooth device Firmware or driver implementation.
- Linux kernel RCE vulnerability – CVE-2017-1000251
- Linux Bluetooth stack (BlueZ) information Leak vulnerability – CVE-2017-1000250
- Android information Leak vulnerability – CVE-2017-0785
- Android RCE vulnerability #1 – CVE-2017-0781
- Android RCE vulnerability #2 – CVE-2017-0782
- The Bluetooth Pineapple in Android – Logical Flaw CVE-2017-0783
- The Bluetooth Pineapple in Windows – Logical Flaw CVE-2017-8628
- Apple Low Energy Audio Protocol RCE vulnerability – CVE-2017-14315
- The correct and recommended fix for this attack is to patch the Host layers that the attack targets.
- SMP (Security Management Protocol): The exposed services can limit access to its features to fully paired devices (Authenticated), ‘Just Works’ mode is essential for devices with no IO capabilities but it marks the connected device to be unauthenticated so that access to unintended services will be prohibited. Service implementer should be aware of access permissions of different features.
For more information visit the Blueborne website.