We detect you are using an unsupported browser. For the best experience, please visit the site using Chrome, Firefox, Safari, or Edge. X

Bluetooth BR/EDR Security Vulnerability


Researchers have identified a security vulnerability, known as Key Negotiation of Bluetooth (KNOB), that affects Bluetooth Classic devices (devices using BR/EDR connections). Devices that are Bluetooth Low Energy (BLE) only are not affected by this vulnerability.

Exploiting this vulnerability, an attacker can reduce the negotiated encryption key length to a single octet, allowing a brute force attack to decrypt the data and inject data into a Bluetooth connection. To leverage this vulnerability, the attacker must be within RF range of both devices, have RF capabilities to block and manipulate Bluetooth frames and then run the attack. 

What You Need to Know


  • Key Negotiation of Bluetooth or “KNOB" only applies to Bluetooth Classic and Dual mode devices (BLE-only chipsets and modules are not affected)
  • KNOB relates to the lack of a minimum encryption key requirement in the Bluetooth SIG specification
  • The Bluetooth SIG changed this requirement to a minimum value of seven octets
  • If one device is updated to enforce the seven-octet minimum key length, the connection is protected as the key is too long for a brute force attack
  • The challenge to the embedded industry is that many end products, including those developed by our clients, do not have the capability to perform a firmware update
  • Since most connections involve a phone, tablet, or a PC, patches are already available from Microsoft®, Apple®, Android™, Cisco® and Blackberry® and will be available from other PC or phone vendors soon 
  • We are currently investigating the impact to existing products as well as possible software fixes for our products

Microchip Bluetooth Products Status


Family Affected by This Vulnerability Will It Be Fixed? Expected Timeline for Fix

Bluetooth® Classic/Dual Mode

BM78/RN4678/IS1678 Yes Yes - Flash parts only Exact timeline is TBD
RN41/RN42 Yes No  
       

Bluetooth Audio

BM83/IS2083BM Yes Yes Fixed
BM64/IS2064GM Yes Yes Exact timeline is TBD
BM62/IS2062GM Yes No Fix is planned for future products
IS2008/2010/2013/2015/2020/
2021/2022/2023/2025
Yes No  
BM20, BM23 Yes No  
RN52 Yes No  
       

BLE-Only Devices

SAM B11/BTLC No (supports BLE only)    
BM7x/RN487x No (supports BLE only)    
WILC3000 No (supports BLE only)    
WILC3400 No (supports BLE only)    
RN4020 No (supports BLE only)