Security researchers have disclosed a dozen flaws in the implementation of the Bluetooth Low Energy technology on multiple system-on-a-chip (SoC) circuits that power at least 480 from various vendors.
Collectively named SweynTooth, the vulnerabilities can be used by an attacker in Bluetooth range can crash affected devices, force a reboot by sending them into a deadlock state, or bypass the secure BLE pairing mode and access functions reserved for authorized users.
Devices running on SoCs from Texas Instruments, NXP, Cypress, Dialog Semiconductors, Microchip, STMicroelectronics, and Telink Semiconductor are impacted by SweynTooth. However, SoCs from other vendors may contain SweynTooth flaws.
A group of three researchers (Matheus E. Garbelini, Sudipta Chattopadhyay, and Chundong Wang) from the Singapore University of Technology and Design found the vulnerabilities in 15 SoCs from the aforementioned vendors, six of them being unpatched at the moment of the disclosure.
... ... ...