软餐 (Ruancan) has learned that a new vulnerability (CVE-2023-24023) has been discovered that allows connections between almost all Bluetooth devices from the past decade to be hijacked: an attacker takes over the connection with an existing device. This man-in-the-middle attack works by forcing the devices to use weaker encryption, which is then easy to crack. Daniele Antonioli of Eurecom described this in a paper. The Bluetooth SIG (Bluetooth Special Interest Group) has acknowledged the security issue and advises device manufacturers to no longer allow connections with weaker encryption. The issue exists in all Bluetooth versions from 4.2 up to the latest version, 5.4, and is caused by the architecture, so there is no real fix. To exploit it, the attacker must be within range of two devices that are establishing or have already established a connection. By impersonating one of the devices and forcing weaker encryption, the attacker can take over that connection. The researchers recommend using the Secure Connections feature whenever possible to protect devices, as it provides better security when a connection is established.