BrakTooth Bluetooth vulnerability exposes millions of Windows and Android devices

A large collection of vulnerabilities has been found in Bluetooth chipsets across a range of popular SoC OEMs including Intel, Qualcomm, Texas Instruments, Infineon (Cypress), Silicon Labs and others.

The group of vulnerabilities has been dubbed BrakTooth, and its impact can range from simply crashing devices using specially crafted Bluetooth Link Manager Protocol packets to executing arbitrary code (CVE-2021-28139).

The vulnerabilities have been found on 13 boards from 11 vendors, but may affect as many as 1,400 chipsets.

Products impacted include laptops and desktops from Dell (Optiplex, Alienware), Microsoft Surface devices (Go 2, Pro 7, Book 3), and smartphones (e.g. Pocophone F1, Oppo Reno 5G).

Espressif, Infineon, and Bluetrum have released patches, while other OEMs are still investigating the issue.

If a patch is not available, security vendors advise disabling Bluetooth.

via Malwarebytes, BleepingComputer