We detect you are using an unsupported browser. For the best experience, please visit the site using Chrome, Firefox, Safari, or Edge. X
Maximize Your Experience: Reap the Personalized Advantages by Completing Your Profile to Its Fullest. Update Here
Stay in the loop with the latest from Microchip. Update your profile while you are at it. Update Here
Complete your profile to access more resources. Update Here
Cross-reference search

Bluetooth® Impersonation Attacks (BIAS)

Microchip is aware of a Bluetooth security vulnerability named BIAS. This is a vulnerability found in the Bluetooth Core Specification that impacts Secure Connections in Bluetooth Classic. Bluetooth Low Energy (LE) Secure Connections as part of the Bluetooth LE specification is not affected.

We have determined that this vulnerability affects some Microchip products. We take all security issues very seriously and we are currently working on firmware updates to resolve this vulnerability.

Potential Impact of BIAS Vulnerability

The vulnerability has the potential to attack paired Bluetooth devices using mutual authentication as part of Secure Connections. In a successful attack, the attacker can impersonate one side of a paired connection. If one side is patched to address this vulnerability, then the pairing will be secure.

Product Status and Resolution

The table below lists Microchip products affected by the BIAS vulnerability and information about a proposed resolution. This page will be updated on a regular basis as we make progress on resolving this vulnerability.

Device FamilyWill It Be Fixed?How Fix Will Be DeliveredAdditional Information
BM78YesNew firmware and moduleFirmware: May/June 2020
Module: August 2020
RN4678YesNew firmware and moduleFirmware: June/July2020
Module: September 2020
BM20YesNew patch codeTBD
BM23NoN/AMature product, not recommended for new designs, consider BM83
BM62YesNew firmwareTBD
BM63NoN/AMature product, not recommended for new designs, consider BM83
BM64YesNew firmware and moduleTBD
BM83YesNew firmware and moduleTBD
RN41NoN/AMature product, not recommended for new designs, consider RN4678
RN42NoN/AMature product, not recommended for new designs, consider RN4678
BM90NoN/AMature product, not recommended for new designs, consider BM83
RN52NoN/AMature product, not recommended for new designs, consider BM83
BM77NoN/AMature product, not recommended for new designs, consider RN4678
RN4677NoN/AMature product, not recommended for new designs, consider RN4678

Live Chat

Need Help?

Privacy Policy