A huge security hole has been discovered in the Bluetooth functionality of Android. This flaw can allow nearby hackers to steal personal data and spread malware without any user action being required. Google fixed this flaw in its cumulative patch of February 2020.
German cyber security specialist ERNW has discovered a serious security flaw in the Bluetooth support of some versions of Android.
Because of this flaw, hackers and other malicious persons in the vicinity can connect to a smartphone and extract personal data or even install malware (a short-distance worm) without the victim having to confirm anything on the screen.
In fact, all the attack requires is that the victim is running an affected version of Android and that Bluetooth is enabled.
Hackers also cannot carry out their attack without the MAC address of the Bluetooth module. However, the researchers note, it is possible to deduce this address fairly easily from the MAC address of the WiFi module, which is much easier to obtain.
The ERNW researchers report that the presence of this flaw has been verified in Android Oreo 8.0 and Pie 9.0, adding that “even versions of Android prior to 8.0 can also be affected but we have not assessed the impact”.
Update Required As Soon As Possible
On the other hand, if you are on Android 10 you are relatively safe: “on Android 10 this vulnerability is not exploitable for technical reasons and only results in a crash of the Bluetooth daemon”.
Note that Bluetooth is now enabled by default on the latest versions of Android, which increases the potential risk from this vulnerability.
The bug has been reported upstream to Google and bears the reference CVE-2020-0022. Google fixed the issue in its cumulative security patch of February.
The manufacturer of your smartphone should soon release a security update to fix the flaw. If your manufacturer does not yet offer it, ERNW researchers recommend taking the following precautions:
- Enable Bluetooth only when necessary, and use a wired connection when using a headset.
- Take your device out of Bluetooth discovery mode if it is active.
For the time being, the researchers explain that they are waiting until as many users as possible have been able to install the patch before publishing more technical details on the exploitation of this flaw.