China discovered an important security vulnerability in the Bluetooth protocol


According to an official announcement from the University of Science and Technology of China, the team of Professor Xue Kaiping of the university's School of Cyberspace Security has recently made important progress in research on the Bluetooth security of mobile devices. The team members carried out an effective attack on a target device through Bluetooth protocol vulnerabilities, without the user noticing or interacting and without the cooperation of a malicious program.

The research results were published at the ACM Conference on Computer and Communications Security 2022 (CCS 2022), the top conference in the field of network security, and won the conference's Best Paper Honorable Mention award. The 7 high-risk vulnerabilities and 2 medium-risk vulnerabilities related to the Bluetooth protocol that were discovered during the research were graded and included by the National Information Security Vulnerability Sharing Platform (CNVD).

The research conducted a security analysis of the classic Bluetooth protocol and, for the first time, discovered security vulnerabilities such as the non-fixed roles of Bluetooth devices. Combined with known Bluetooth protocol vulnerabilities, these successively broke through defense mechanisms such as classic Bluetooth authentication, encryption, and authorization. Without the user noticing or interacting, and without the cooperation of malicious programs, a privilege escalation attack chain is built silently and then used to complete attacks such as command injection and information theft on the target device.

The research ran extensive tests on a variety of smart devices running mainstream operating systems such as Android, iOS, iPadOS, macOS, and HarmonyOS, found relevant vulnerabilities in all tested devices, and completed the attack process.

Ai Mingrui, a doctoral student at the School of Cyberspace Security, is the first author of the paper, and Professor Xue Kaiping of the School of Cyberspace Security is the corresponding author. The co-authors include Professor Robert, Professor Yu Nenghai, and Researcher Sun Qibin from the School of Cyberspace Security, Professor Wu Feng from the School of Information Science and Technology, and others.
