Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks.
Researchers at the French intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh Profile specifications that could be used to impersonate legitimate devices during the pairing process and conduct man-in-the-middle (MitM) attacks while within wireless range of vulnerable devices.
All devices supporting the affected Bluetooth Core and Mesh specification versions are exposed to these issues and are vulnerable to impersonation attacks and AuthValue disclosure.
Researchers identified a vulnerability affecting Passkey authentication in BR/EDR Secure Simple Pairing in Bluetooth Core Specifications 2.1 through 5.2, BR/EDR Secure Connections Pairing in Bluetooth Core Specifications 4.1 through 5.2, and LE Secure Connections Pairing in Bluetooth Core Specifications 4.2 through 5.2. The experts found that an attacker in a MITM position could use a crafted series of responses to determine each bit of the randomly generated Passkey selected by the pairing initiator in each round of the pairing procedure. Once the bits composing the Passkey had been identified during the same pairing session, the attacker could complete the authenticated pairing process with the responder.
“After successful completion of the authentication procedure, the responder will be authenticated to the attacker rather than the initiator, permitting the attacker to act in the role of an encrypted and authenticated peer. The attacker does not succeed in pairing with the initiator by this method, preventing a fully transparent MITM attack on the pairing procedure between the initiator and responder,” reads the advisory published by the Bluetooth SIG.
“For this attack to be successful, an attacking device needs to be within wireless range of two vulnerable Bluetooth devices initiating pairing or bonding where a BR/EDR IO Capabilities exchange or LE IO Capability in the pairing request and response results in the selection of the Passkey pairing procedure.”
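The SIG notice quoted above makes the Passkey Entry procedure the precondition for the attack. As an added illustration that is not part of the article or the SIG advisory, the check below classifies an LE Secure Connections pairing from the IO capabilities and AuthReq flags carried in the SMP Pairing Request and Response, so a device policy or test harness can flag configurations that would resolve to Passkey Entry. The rule set is this editor's reading of Core Spec Vol 3, Part H, Section 2.3.5.1 and should be verified against your specification version; the class and function names are invented for the example.

```python
"""Classify the LE Secure Connections association model a pairing would use.

Added example; the selection rules below are an assumption drawn from Core Spec
Vol 3, Part H, 2.3.5.1 and must be checked against the spec version in use.
"""
from dataclasses import dataclass
from enum import Enum


class IOCap(Enum):
    DISPLAY_ONLY = 0x00
    DISPLAY_YES_NO = 0x01
    KEYBOARD_ONLY = 0x02
    NO_INPUT_NO_OUTPUT = 0x03
    KEYBOARD_DISPLAY = 0x04


@dataclass(frozen=True)
class PairingFeatures:
    """Fields of SMP Pairing Request/Response that drive model selection."""
    io_cap: IOCap
    oob_data_present: bool    # OOB data flag
    mitm: bool                # AuthReq MITM bit
    secure_connections: bool  # AuthReq SC bit


def select_model(initiator: PairingFeatures, responder: PairingFeatures) -> str:
    # LE Secure Connections requires both sides to set SC; otherwise legacy
    # pairing applies, which this example does not model.
    if not (initiator.secure_connections and responder.secure_connections):
        return "LEGACY_PAIRING"
    # LE SC uses OOB when either side has received OOB data.
    if initiator.oob_data_present or responder.oob_data_present:
        return "OOB"
    # If neither side requests MITM protection, Just Works is used regardless
    # of IO capabilities.
    if not (initiator.mitm or responder.mitm):
        return "JUST_WORKS"
    a, b = initiator.io_cap, responder.io_cap
    if IOCap.NO_INPUT_NO_OUTPUT in (a, b):
        return "JUST_WORKS"
    if IOCap.KEYBOARD_ONLY in (a, b):
        return "PASSKEY_ENTRY"
    if IOCap.DISPLAY_ONLY in (a, b):
        # DisplayOnly paired with DisplayOnly/DisplayYesNo cannot confirm a
        # value, so Just Works; with KeyboardDisplay the keyboard side types.
        return "PASSKEY_ENTRY" if IOCap.KEYBOARD_DISPLAY in (a, b) else "JUST_WORKS"
    # Remaining combinations of DisplayYesNo / KeyboardDisplay.
    return "NUMERIC_COMPARISON"


def exposed_to_passkey_mitm(initiator: PairingFeatures, responder: PairingFeatures) -> bool:
    """True when the exchange resolves to the Passkey Entry procedure."""
    return select_model(initiator, responder) == "PASSKEY_ENTRY"
```

A pairing flagged by `exposed_to_passkey_mitm` is one where the notice's precondition holds; on devices whose IO capabilities allow it, preferring Numeric Comparison or OOB avoids that path.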
The Bluetooth Special Interest Group (SIG) published security notices about the flaws; the full list of the issues is below:
| Vulnerability | Publication Date | Details | Specifications Affected | CVE [NVD] |
|---|---|---|---|---|
| Bluetooth Mesh Profile AuthValue leak | 05/24/2021 | SIG Security Notice | Mesh Profile Spec, v1.0 to v1.0.1 | CVE-2020-26559 |
| Malleable commitment in Bluetooth Mesh Profile provisioning | 05/24/2021 | SIG Security Notice | Mesh Profile Spec, v1.0 to v1.0.1 | CVE-2020-26556 |
| Predictable AuthValue in Bluetooth Mesh Profile provisioning leads to MITM | 05/24/2021 | SIG Security Notice | Mesh Profile Spec, v1.0 to v1.0.1 | CVE-2020-26557 |
| Impersonation attack in Bluetooth Mesh Profile provisioning | 05/24/2021 | SIG Security Notice | Mesh Profile Spec, v1.0 to v1.0.1 | CVE-2020-26560 |
| Impersonation in the BR/EDR pin-pairing protocol | 05/24/2021 | SIG Security Notice | Core Spec, v1.0B to 5.2 | CVE-2020-26555 |
| Authentication of the Bluetooth LE legacy-pairing protocol | 05/24/2021 | SIG Security Notice | Core Spec, v4.0 to 5.2 | N/A |
| Impersonation in the Passkey entry protocol | 05/24/2021 | SIG Security Notice | Core Spec, v2.1 to 5.2 | CVE-2020-26558 |
The Carnegie Mellon CERT Coordination Center (CERT/CC) also published an advisory that includes the list of the impacted vendors, such as Cisco, Microchip, Red Hat, Intel, and Android.
Pierluigi Paganini
International Editor-in-Chief
Cyber Defense Magazine