Bluetooth systems affected by wide-ranging security issue

null

Bluetooth has a bug which can allow hackers to slip in and steal data, even when you're in a secure connection

The news was unveiled by Lior Neumann and Eli Biham, two cybersecurity researchers from the Israel Institute of Technology who discovered the vulnerability, known as CVE-2018-5383. 

To present the problem in layman's terms, the pairing between two devices is weak due to a miscommunication, allowing remote attackers to obtain the encryption key used to secure a connection.

Different devices are affected – Apple's, Broadcom's, Intel's, Qualcomm's, and most likely, others too. Apple, Broadcom, and Intel have all already issued fixes, with Qualcomm's spokesperson said they've also deployed a fix. 

Microsoft claims its devices remained unaffected by the flaw, something CERT/CC could not confirm.

Image source: Shutterstock/Ekaphon maneechot